
Sharp rise in business email compromise

Cyber attackers are expanding their attack methods to steal money and to gain access to corporate and employee data, a report reveals

There has been a sharp increase in business email compromise (BEC) or impersonation attacks, according to the latest email security risk assessment report by email management firm Mimecast.

The report is based on aggregated tests that measure the efficacy of widely used email security systems and is aimed at helping participating organisations better understand the number and type of email-borne threats that are getting through their current defences.

As part of the cumulative assessments, Mimecast inspected more than 142 million emails that had passed through organisations’ incumbent email security suppliers. The inspection revealed an 80% increase in impersonation or BEC attacks compared with the previous quarter’s report.

In BEC attacks, criminals typically gain access to a corporate email account and spoof the owner’s identity to trick employees, customers or partners into approving money transfers to criminal accounts.

An alternative approach is to compromise the computer, email account or email server of the victim organisation to intercept, alter or initiate business transactions, including direct payments on behalf of the victim organisation, with the money destined for financial accounts the attackers control.

Mimecast is applying its cloud-based microservices approach ever more widely to enable customer organisations to increase their cyber resilience.

The latest report underlines the success of this approach, with Mimecast technology identifying 203,000 malicious links in 10,072,682 emails that were deemed safe by other security systems.

According to the report, Mimecast was able to identify an additional 19 million pieces of spam, more than 13,000 emails containing dangerous file types, and more than 15,600 malware attachments that were missed by incumbent providers and delivered to users’ inboxes.

“Targeted malware, heavily socially engineered impersonation attacks and phishing threats are still reaching employee inboxes. This leaves organisations at risk of a data breach and financial loss,” said Matthew Gardiner, cyber security strategist at Mimecast.

“Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter on quarter. These are difficult attacks to identify without specialised security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them.”

According to Mimecast, the report indicates the need for organisations to enhance their cyber resilience strategies for email, with a multi-layered approach that includes a third-party service provider.

The report findings are consistent with an SE Labs independent email security services protection group test earlier this year that gave Mimecast the top score and an “AAA” rating.

“The SE Labs report highlights the need for multiple layers of protection to increase security efficacy and to address the rise of more advanced email attacks,” said Gardiner.

Mimecast uses multiple layers and types of detection engines, combined with high performance analytics and a diverse set of threat intelligence sources, overseen by the Mimecast security operations team, he said.
