Impersonations have become pervasive, and are by far the most prevalent type of email-based attack ending up in business’s inboxes. This is according to the third annual Email Security Challenges, Trends and Benchmarks survey report, released today by GreatHorn. Emphasizing the trend, nearly half of respondents (48.7%) reported seeing impersonations of people such as colleagues, customers or vendors preying on the sense of urgency of an increasingly distracted and dispersed workforce.
To develop the report, GreatHorn collected data from over 640 security, IT and c-suite professionals to gain a better understanding of new threat vectors, issues impacting the industry at large and emerging strategies for targeted attacks.
Impersonations Wreaking Havoc on Email Inboxes
As the professional community continues to work in a remote environment, email impersonations present the perfect way for opportunistic fraudsters to take advantage of human vulnerabilities. Although there are infinite variations of impersonation attacks, each one relies on an end users’ misguided trust in surface appearance and quick reactions to emails. GreatHorn’s survey found that this type of attack has continued to flourish, with over a third of respondents (35.1%) saying that people impersonation attacks ranked as their top email threat in 2020.
Meanwhile, 42.4% report seeing impersonations of well-known brands in their inbox – a sharp rise from just 22.4% in 2019. Furthermore, ten percent of participants flagged brand impersonations as their top email threat, another increase from 2019 (4.8%).
Both people and brand impersonations remain difficult to detect as they appeal to authority and urgency, utilize a known contact name and depend on the systematic lack of education among non-technical recipients.
Remediation Takes Center Stage as Email-Based Attacks Skyrocket
With this increase in email threats, IT professionals are being stretched thin as their time spent responding to and remediating email-based attacks has increased dramatically over the past year. More than a third of respondents (35.8%) report seeing phishing, impersonations, credential theft, spoofing, malware, ransomware or other email threats in their inbox on a daily basis – up from 24.3% in 2019.
Due to this increase, a third of respondents (33.6%) said they need to remediate an email-based attack every day – including suspending compromised email accounts, running PowerShell scripts, resetting compromised application accounts, legal action and more – a significant 165% increase from 2019, when only 12.7% reported the need to remediate an email-based attack on a daily basis. This surge in email-based attacks serves as a reminder that email security strategies require continuous improvement in order to mitigate the ever-evolving threats.
“This year’s survey data presents a clear reminder that organizations continue to be inundated with email-based attacks, most notably impersonations, that require constant remediation,” said GreatHorn CEO Kevin O’Brien. “It’s impossible to prevent all phishing attacks, which is why it’s so important for IT professionals to reassess their email security strategy by putting a renewed emphasis on risk reduction in order to decrease time to detection (TTD) and time to respond (TTR.)”
Additional Key Stats
- 40% of respondents said their biggest problem with their current email security solution was missing payload attacks such as malware, malicious attachments and links. This was followed by missing phishing attacks (39.3%), which includes people impersonations, brand impersonations or even impersonations of services like fake voicemail scams and fake invoices.
- In 2020, 21.9% of study participants said they saw a wire transfer request in their inbox, a slight decrease from 2019 where it was 26.3%.
- When asked about credential theft attempts found in inboxes, 28.1% of survey respondents saw these in 2020 – a slight increase over 2019, where it was 24.1%.
- Only 1 in 3 study participants (32.9%) said they had seen spam/graymail in their inboxes – a significant drop from 2019 data, where more than half (53.3%) indicated that spam/graymail slipped past the filter.
- Nearly half of respondents (48.3%) report having to go into their junk or spam folder within the past week to retrieve and open an email that should have wound up in their inbox – up from 2019, when only 30.7% reported having to do this in the same time span.
The report with full details and data can be downloaded here.
GreatHorn safeguards cloud email from advanced threats like impersonations, credential theft, malware, and social engineering attacks by protecting organizations before, during, and after an email attack. Through its proactive threat detection engine, end-user education, and robust remediation capabilities, GreatHorn frees security teams from time-consuming email security management to enable them to respond to genuine threats faster. More information is available at www.greathorn.com.
SHIFT Communications for GreatHorn