New report reveals an 80% increase in impersonation or Business Email Compromise (BEC) attacks
Cyberattackers are expanding their attack vectors to steal money, gain access to corporate and employee data
Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the availability of its latest quarterly Email Security Risk Assessment (ESRA), an aggregated report of tests that measure the efficacy of widely used email security systems.
A Mimecast ESRA helps participating organizations better understand the number and type of email-borne threats that are getting through their current defenses. As part of the cumulative assessments, Mimecast has inspected more than 142 million emails that have passed through organizations’ incumbent email security vendors. Latest results revealed 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems – a ratio of one unstopped malicious link for every 50 emails inspected.
The report also found an 80% increase impersonation attacks in comparison to last quarters’ report with 41,605 caught. Additionally, 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments were all missed by these incumbent providers and delivered to users’ inboxes.
“Targeted malware, heavily socially-engineered impersonation attacks, and phishing threats are still reaching employee inboxes. This leaves organizations at risk of a data breach and financial loss,” said Matthew Gardiner, cybersecurity strategist at Mimecast. “Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter. These are difficult attacks to identify without specialized security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them.”
The report indicates the need for organizations to enhance their cyber resilience strategies for email with a multi-layered approach that includes a third-party service provider. This new ESRA report follows an SE Labs Independent Email Security Services Protection group test, which gave Mimecast the top score and a “AAA” rating. Other email security services SE Labs evaluated were from Microsoft, Forcepoint, Symantec and Proofpoint.
“The SE Labs report highlights the need for multiple layers of protection to increase security efficacy and to address the rise of more advanced email attacks,” added Gardiner.
Mimecast is engineered to use multiple layers and types of detection engines, combined with high performance analytics and a diverse set of threat intelligence sources, overseen by the Mimecast SOC. This helps protect email data and employees from malware, spam, phishing, and targeted attacks - 100% from the cloud.
- Take a look at the Email Security Risk Assessment infographic
- Read the full SE Labs report: Email Security Services Protection
SE Labs Methodology
SE Labs aims to improve information technology security by assessing products and services designed to detect attacks, protect against intrusions or both. SE Labs used current threat intelligence to make tests as realistic as possible and each individual attack was recreated differently 10 times. Testing was unsponsored and conducted in February 2018.
Mimecast (NASDAQ: MIME) makes business email and data safer for thousands of customers and their millions of employees worldwide. Founded in 2003, the company's next-generation cloud-based security, archiving and continuity services protect email and deliver comprehensive email risk management.
We welcome the opportunity to engage with the press and talk about our work and our industry.
Sr. Public Relations Manager - Lexington office