December ESRA reports show a rise in impersonation attacks.

We recently announced the fourth in a series of quarterly reports aggregated from our Email Security Risk Assessment (ESRA) testing program. For those new to the Mimecast ESRA program: in an ESRA test, Mimecast uses its cloud-based email security service to assess the effectiveness of the incumbent email security systems in use by organizations. An ESRA test passively inspects emails that have already been inspected and delivered, not blocked, by the organization's existing email security system.

With an ESRA, the Mimecast service re-inspects the emails deemed safe by the incumbent email security system, looking for false negatives such as missed spam, malicious files, and impersonation emails that were passed through for delivery.

Now to the latest ESRA report. 

In aggregate to date, as reported with the release of this December ESRA report:

  • 55,620,076 emails inspected
  • 97,564 email users
  • Over an accumulated 631 days of testing

In this December report, the false negatives that were allowed to pass through the incumbent security systems were, not surprisingly, dominated in quantity by spam, at nearly 12.5 million emails. But what was most notable and threatening was the rate of false negatives for impersonation attacks versus those for missed malware attachments. False negatives for impersonations were seen to run at more than 7 to 1 relative to those for malware.

This means that for every email that got through with a malicious file attachment, there were more than 7 emails getting through with malware-less Business Email Compromise types of phishes! This is a strong sign that attackers have shifted, as they are so apt to do, from using malware to using various forms of email-borne impersonations to separate organizations from their money and intellectual property. This is also a sign that the email security systems in common use by organizations have unfortunately not made the same shift!

What is my conclusion? The same one as in my ESRA blog from last quarter. There is a lot of work to do to truly make email safer for business!
