Cyberattacks via unsolicited emails remain an effective attack vector as threat actors continue to evolve their phishing techniques. Adversaries are quick to adopt new phishing lures and develop advanced malware variants. Social engineering and email attacks are often the initial steps in high-profile ransomware or cyberattacks. A recent survey from Abnormal Security, a cloud-native email security platform provider, revealed the adverse impact of socially engineered and rising email attacks causing severe financial and reputational damage to organizations globally.
In its Q3 2021 Email Threat Report, Abnormal Security revealed that over 137 account takeover attacks occurred per 100,000 mailboxes for C-suite employees. The researchers observed a significant rise in credential phishing and brute force attacks, using which attackers obtained sensitive data like passwords and usernames.
The report identified advanced email attacks across eight major industry sectors: manufacturing, technology, retail and consumer goods, energy and infrastructure services, medical, media and television, finance, and hospitality.
- 5% of all companies were targeted by brute force attacks in early June 2021
- 61% of organizations experienced a vendor email compromise attack this quarter
- 22% more business email compromise attacks since Q4 2020
- 60% chance of a successful account takeover each week for organizations with 50,000+ employees
- 73% of all advanced threats were credential phishing attacks
- 80% probability of attack every week for retail and consumer goods, technology, and media and television companies
Impersonation at its Peak
The survey also stressed that impersonation attacks have become prevalent since the beginning of the pandemic. Cybercriminals mimic popular brand names to trick their victims into providing private data like login credentials. Impersonation of internal systems like IT help desk and IT support rose 46% over the past two quarters.
“Socially-engineered attacks are dramatically rising within enterprises worldwide, creating unprecedented financial and reputational risks. These never-before-seen attacks are becoming more sophisticated with every passing day. They don’t contain indicators of compromise, such as links, attachments, and reputational risks, so they evade secure email gateways and other traditional email infrastructure, landing in inboxes where unsuspecting employees fall victim to their schemes, which include ransomware. To effectively protect against these attacks, we can no longer rely only upon established threat intelligence. To baseline good behavior, we need to look further to comprehensively understand employee and vendor identities and their relationships, all with deep context, including content and tone. Any subtle deviations from this baseline expose the possibility of a threat or attack,” said Evan Reiser, CEO, Abnormal Security.
The increase in different kinds of impersonation and email threats represents the sophistication of threat vectors and stresses the need for robust email security practices.