You are hereHome SectorsUAE
Cybercriminals switching to impersonation attacks to bypass email security
Source: OAK Consulting for Mimecast , Author: Posted by BI-ME staff
Posted: Wed December 6, 2017 11:36 am

UAE. Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the availability of its most recent Email Security Risk Assessment (ESRA) test results.

The ESRA testing program measures the effectiveness of existing email security systems in regular use by tens-of-thousands of organizations globally.

The latest results highlight the continued challenge of securing organizations from malicious attachments and spam – but most alarming was the number of malwareless impersonation attacks incumbent email security solutions are unable to stop.

Most organizations are concerned about malware being the main risk to their email related security posture, but this result reveals an increased risk of impersonation attacks as compared to attacks leveraging malware.

Mimecast reported impersonation attacks, which rely on duping recipients into wiring the attacker money or highly monetizable data, rose almost 50 percent quarter over quarter. Emails with malware attachments or dangerous files types, combined, only increased about 15 percent. Missed impersonation attacks were seen to occur more than 7 times as often as missed email-borne malware. 

These findings follow a recent PhishMe® study that found approximately two thirds of IT executives surveyed had dealt with a security incident originating from a deceptive email.

“Impersonation attacks are an easy and effective way to dupe unsuspecting victims by gaining trust through a combination of social engineering and technical means,” said Ed Jennings, chief operating officer at Mimecast.

“This latest ESRA report reveals that many email security providers are leaving organizations very vulnerable to these often hard to detect impersonation attacks. Cybercriminals know that many traditional email security services are improving their ability to stop email-borne malware, but remain ineffective against impersonation attacks.”

The latest ESRA reflects findings by inspecting the actual inbound email of almost 100,000 users over a cumulative 631 days received. These organizations used a variety of common email security systems.

More than 55 million emails to date have been inspected as part of the Mimecast ESRA program, all of which had passed through the organization’s incumbent email security vendor.

Completed ESRA assessments have found more than 12,400,000 pieces of spam, 9,055 emails containing dangerous file types, 1,844 known and 691 unknown emails with malware attachments, and 18,971 impersonation attacks missed by incumbent providers and delivered to users’ inboxes. 

 Photo Captions:
1. (above)  Ed Jennings, chief operating officer at Mimecast
2. (inset)  For illustrative purposes only (File photo)

About Mimecast
Mimecast (NASDAQ: MIME) makes business email and data safer for 28,200 customers and their millions of employees worldwide. Founded in 2003, the company's next-generation cloud-based security, archiving and continuity services protect email and deliver comprehensive email risk management.

 

MIDDLE EAST BUSINESS COMMENT & ANALYSIS

date:Posted: December 14, 2017
UAE. Growing use of artificial intelligence, machine learning with data analytics, and business intelligence; Rise of AI-powered chatbots in customer service and support; Use of blockchain in enterprise security for identity management.
date:Posted: December 14, 2017
UAE. IA professionals and executive stakeholders increasingly want internal auditors to become strategic business partners.
date:Posted: December 13, 2017
INTERNATIONAL. As our systems will get smarter, so too will our ability to understand their interconnectedness. Imagine the transformative power we could unlock if we could see the cumulative impact of a billion small actions in motion. Could IoT be the hero to save us from ourselves?
dhgate