var breeze_prefetch = {"local_url":"https:\/\/emailexpert.com","ignore_remote_prefetch":"1","ignore_list":["\/cart\/","\/checkout\/","\/my-account\/","\/big-list-of-email-vendors-and-email-service-providers\/","wp-admin","wp-login.php"]};
var wc_add_to_cart_params = {"ajax_url":"\/wp-admin\/admin-ajax.php","wc_ajax_url":"\/?wc-ajax=%%endpoint%%","i18n_view_cart":"View cart","cart_url":"https:\/\/emailexpert.com\/cart\/","is_cart":"","cart_redirect_after_add":"no"};
var MyListing = {"Helpers":{},"Handlers":{},"MapConfig":{"ClusterSize":35,"AccessToken":"pk.eyJ1IjoiYWdlbmN5Y20iLCJhIjoiY2pxZThoaWt4NGNxODQ4bGNhdDIzZ3c4ZSJ9.7D0heKBc8apZRySQBXQI2g","Language":false,"TypeRestrictions":[],"CountryRestrictions":[],"CustomSkins":{}}};
New research from email security company Tessian, the State of Email Security Report, found that enterprise email is now the No. 1 threat vector for cyberattacks. According to the report, 94% of organizations experienced a spear phishing or impersonation attack, and 92% suffered ransomware attacks over email this year.
Organizations in the U.S. receive on average 1.5 times more spear phishing and impersonation attacks than the global average.
The Most Prevalent Types of Attacks
Impersonation attacks (where attackers attempt to create legitimate-looking email addresses) were the most common type of advanced email attack in the first nine months of 2022. These types of attacks also ranked as the top email threat that security leaders are most concerned about. On average, security leaders reported 148 impersonation attacks in 2022, followed by 141 spear phishing attacks and 138 email-based ransomware attacks. When asked who was being impersonated the most, over a third of IT and security leaders (37%) responded with threat actors posed as employees in attempts to trick end-users in their organization. This was closely followed by a vendor (32%) and a C-level executive (31%).
Ransomware also continues to be a top threat with 92% of global organizations experiencing at least one email-based ransomware attack in 2022 and 10% of the security leaders surveyed saying they received over 450 email-based ransomware attacks since January 2022. In addition, almost three-quarters (72%) of security leaders experienced account compromise or takeover in 2022. This happens when a threat actor acquires legitimate login credentials, and uses those credentials for example, to send more attacks, posing as the individual they’ve successfully impersonated in attempts to steal money or sensitive information.
Traditional Email Defenses Are Not Working
Most organizations have a secure email gateway (SEG) or native security from a cloud provider in place to keep employees secure on email. However, the report found that 62% of security leaders said advanced email threats bypassed SEGs in 2022, leaving enterprises susceptible to financial losses and leaked customer data.
Almost all respondents (99.5%) recognized that AI and machine learning can enhance and improve email security. Faster threat detection (66%) and more accurate threat detection (56%) were the top two AI benefits cited by security leaders. Almost half (44%) of respondents also noted that automated approaches to email security could alleviate administrative burdens on their already stretched security teams.
“We all rely on email at work and at home, and as the gateway to valuable data and access, email accounts are always a valuable target to adversaries, especially those seeking to compromise business,” said Josh Yavor, chief information security officer at Tessian. “We can also expect threats to continue to expand into other communication platforms like instant messaging tools, personal email or social media accounts as attackers seek to evade detection.”
Insider Threats Remain a Concern
Inbound emails are not the only threat that security leaders are concerned about. Employees also pose a risk to data and company security through data loss and exfiltration. Nearly two-thirds of security leaders (63%) said that their staff exfiltrated data over email in 2022, while 92% of companies experienced a data breach caused by an end-user making a mistake on email – such as sending an email to the wrong person or failing to send the correct attachment. Nearly one in five companies (16%) dealt with over 50 data breaches caused by users’ errors on email in 2022 alone.
Employee mistakes on email remain a pervasive issue for security leaders and can have serious repercussions. A separate study from Tessian found that two-fifths (40%) of employees sent an email to the wrong person, with almost one-third (29%) saying their business lost a client or customer because of the error. Even worse, one in four respondents (21%) lost their job because of the mistake.
Yavor added: “To keep employees secure on email, organizations should be proactive in delivering security training that addresses the common types of threats on email that’s tailored and personalized to their role and department. Company cultures also play a significant role in protecting employees. Security leaders should emphasize a culture that builds trust and confidence, which will ultimately improve security behaviors.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
We use cookies to optimize our website and our service.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":false},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":false},"version":"3.29.1","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"e_optimized_markup":true,"e_local_google_fonts":true,"theme_builder_v2":true,"landing-pages":true,"editor_v2":true,"home_screen":true,"cloud-library":true,"e_opt_in_v4_page":true},"urls":{"assets":"https:\/\/emailexpert.com\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/emailexpert.com\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/emailexpert.com\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"a6499cb2ee"},"swiperClass":"swiper","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet"],"global_image_lightbox":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_title_src":"title","lightbox_description_src":"description","woocommerce_notices_elements":[]},"post":{"id":24257,"title":"In%202022%20Advanced%20Email%20Attacks%20Achieved%20a%2020%25%20Success%20Rate%20%C2%BB%20emailexpert","excerpt":"","featuredImage":"https:\/\/emailexpert.com\/wp-content\/uploads\/2022\/11\/tessian-1024x576.png"}};
var wc_order_attribution = {"params":{"lifetime":1.0e-5,"session":30,"base64":false,"ajaxurl":"https:\/\/emailexpert.com\/wp-admin\/admin-ajax.php","prefix":"wc_order_attribution_","allowTracking":true},"fields":{"source_type":"current.typ","referrer":"current_add.rf","utm_campaign":"current.cmp","utm_source":"current.src","utm_medium":"current.mdm","utm_content":"current.cnt","utm_id":"current.id","utm_term":"current.trm","utm_source_platform":"current.plt","utm_creative_format":"current.fmt","utm_marketing_tactic":"current.tct","session_entry":"current_add.ep","session_start_time":"current_add.fd","session_pages":"session.pgs","session_count":"udata.vst","user_agent":"udata.uag"}};
var wc_cart_fragments_params = {"ajax_url":"\/wp-admin\/admin-ajax.php","wc_ajax_url":"\/?wc-ajax=%%endpoint%%","cart_hash_key":"wc_cart_hash_599f4bb86163e70d6e64c10a3b27c2a0","fragment_name":"wc_fragments_599f4bb86163e70d6e64c10a3b27c2a0","request_timeout":"5000"};
var ElementorProFrontendConfig = {"ajaxurl":"https:\/\/emailexpert.com\/wp-admin\/admin-ajax.php","nonce":"cc57502ad8","urls":{"assets":"https:\/\/emailexpert.com\/wp-content\/plugins\/elementor-pro\/assets\/","rest":"https:\/\/emailexpert.com\/wp-json\/"},"settings":{"lazy_load_background_images":false},"popup":{"hasPopUps":true},"shareButtonsNetworks":{"facebook":{"title":"Facebook","has_counter":true},"twitter":{"title":"Twitter"},"linkedin":{"title":"LinkedIn","has_counter":true},"pinterest":{"title":"Pinterest","has_counter":true},"reddit":{"title":"Reddit","has_counter":true},"vk":{"title":"VK","has_counter":true},"odnoklassniki":{"title":"OK","has_counter":true},"tumblr":{"title":"Tumblr"},"digg":{"title":"Digg"},"skype":{"title":"Skype"},"stumbleupon":{"title":"StumbleUpon","has_counter":true},"mix":{"title":"Mix"},"telegram":{"title":"Telegram"},"pocket":{"title":"Pocket","has_counter":true},"xing":{"title":"XING","has_counter":true},"whatsapp":{"title":"WhatsApp"},"email":{"title":"Email"},"print":{"title":"Print"},"x-twitter":{"title":"X"},"threads":{"title":"Threads"}},"woocommerce":{"menu_cart":{"cart_page_url":"https:\/\/emailexpert.com\/cart\/","checkout_page_url":"https:\/\/emailexpert.com\/checkout\/","fragments_nonce":"c8bd20b081"}},"facebook_sdk":{"lang":"en_US","app_id":""},"lottie":{"defaultAnimationUrl":"https:\/\/emailexpert.com\/wp-content\/plugins\/elementor-pro\/modules\/lottie\/assets\/animations\/default.json"}};
