Email impersonations becoming pervasive, preying on a distracted and dispersed workforce
Impersonations have become pervasive, and are by far the most prevalent type of email-based attack ending up in business’s inboxes. This is according to a survey report by GreatHorn.
Emphasizing the trend, 48.7% of respondents reported seeing impersonations of people such as colleagues, customers or vendors preying on the sense of urgency of an increasingly distracted and dispersed workforce.
To develop the report, researchers collected data from over 640 security, IT and c-suite professionals to gain a better understanding of new threat vectors, issues impacting the industry at large and emerging strategies for targeted attacks.
Impersonations wreaking havoc on email inboxes
As the professional community continues to work in a remote environment, email impersonations present the perfect way for opportunistic fraudsters to take advantage of human vulnerabilities.
Although there are infinite variations of impersonation attacks, each one relies on an end users’ misguided trust in surface appearance and quick reactions to emails. The survey found that this type of attack has continued to flourish, with 35.1% of respondents saying that people impersonation attacks ranked as their top email threat in 2020.
Meanwhile, 42.4% report seeing impersonations of well-known brands in their inbox – a sharp rise from just 22.4% in 2019. Furthermore, ten percent of participants flagged brand impersonations as their top email threat, another increase from 2019 (4.8%).
Both people and brand impersonations remain difficult to detect as they appeal to authority and urgency, utilize a known contact name and depend on the systematic lack of education among non-technical recipients.
Remediation takes center stage as email-based attacks skyrocket
With this increase in email threats, IT professionals are being stretched thin as their time spent responding to and remediating email-based attacks has increased dramatically over the past year.
35.8% of respondents report seeing phishing, impersonations, credential theft, spoofing, malware, ransomware or other email threats in their inbox on a daily basis – up from 24.3% in 2019.
Due to this increase, 33.6% of respondents said they need to remediate an email-based attack every day – including suspending compromised email accounts, running PowerShell scripts, resetting compromised application accounts, legal action and more – a significant 165% increase from 2019, when only 12.7% reported the need to remediate an email-based attack on a daily basis. This surge in email-based attacks serves as a reminder that email security strategies require continuous improvement in order to mitigate the ever-evolving threats.
“This year’s survey data presents a clear reminder that organizations continue to be inundated with email-based attacks, most notably impersonations, that require constant remediation,” said GreatHorn CEO Kevin O’Brien.
“It’s impossible to prevent all phishing attacks, which is why it’s so important for IT professionals to reassess their email security strategy by putting a renewed emphasis on risk reduction in order to decrease time to detection (TTD) and time to respond (TTR.)”
Additional key stats
- 40% of respondents said their biggest problem with their current email security solution was missing payload attacks such as malware, malicious attachments and links. This was followed by missing phishing attacks (39.3%), which includes people impersonations, brand impersonations or even impersonations of services like fake voicemail scams and fake invoices.
- In 2020, 21.9% of study participants said they saw a wire transfer request in their inbox, a slight decrease from 2019 where it was 26.3%.
- When asked about credential theft attempts found in inboxes, 28.1% of survey respondents saw these in 2020 – a slight increase over 2019, where it was 24.1%.
- Only 32.9% study participants said they had seen spam/graymail in their inboxes – a significant drop from 2019 data, where 53.3% indicated that spam/graymail slipped past the filter.
- 48.3% of respondents report having to go into their junk or spam folder within the past week to retrieve and open an email that should have wound up in their inbox – up from 2019, when only 30.7% reported having to do this in the same time span.