Each quarter, email security firm Mimecast releases a report based on Mimecast Email Security Risk Assessment (ESRA) tests. The tests show how effective businesses email security systems are at blocking email-based threats and spam email.
The tests show the extent to which cybercriminals are attempting to gain a foothold in business networks using malware, although the latest report has highlighted the danger of non-malware-based attacks such as phishing.
Malware provides cybercriminals with access to the computers and business networks, although email security solutions are often effective at detecting and blocking malware before it is installed. Security awareness training programs teach end users not to open attachments in emails sent by unknown individuals, making it harder for the malware to be installed.
Phishing attacks are harder to identify as they do not include any malicious files. Typically, they use hyperlinks in combination with social engineering techniques to fool end users into visiting malicious sites and disclosing their login credentials. Those credentials can then be used to gain remote access to business networks.
One of the main ways this is achieved is though impersonation attacks. Emails are sent to end users that appear to have come from legitimate companies. The emails use official logos, color schemes, and message layouts that make the messages almost impossible to distinguish from genuine communications.
The latest ESRA report has revealed a sharp increase in email impersonation attacks, which have risen by 400% since last quarter.
These impersonation attacks were detected by Mimecast on more than 44,000 end users’ devices. In addition to the 8,605 impersonation attacks, Mimecast detected 9 million spam emails, 8,318 dangerous file types, and 1,669 known and 487 unknown malware attachments. In all cases, those malicious messages had passed through companies’ incumbent email security defenses.
“This latest ESRA analysis reflects how impersonation attacks are getting through existing email security defenses at an alarming rate.” said Ed Jennings, chief operating officer at Mimecast. “If a CISO isn’t reviewing its current email security solution on a 12-18 month basis, they may be surprised at what threats are now getting into employees’ inboxes.”