be-nz logo
Story image

Workplace inboxes still plagued by phishing attacks

31 May 2019

Mimecast’s annual State of Email Security report confirms that social engineering is still plaguing businesses, along with other email threats including ransomware and phishing attacks.

The report found that impersonation attacks, whereby attackers impersonate a colleague, high-ranking executive or partner in order to trick recipients, increased 67% compared to 2018 figures.

That suggests that cybercriminals are increasingly using the tactic to steal data and deliver threats. Of the 1025 global IT decision makers polled for the study, 73% had been impacted by direct losses as a result of impersonation attacks. Those losses included data loss (40%), financial loss (29%), and customer loss (28%).

Email phishing attacks are still as prevalent as ever – almost all (94%) of respondents indicated that they had experienced phishing and spear phishing attacks in the last 12 months. Additionally, 55% saw an increase in phishing attacks during the same period.

The report found that 61% of respondents believe it is likely or inevitable their organisation will suffer a negative business impact from an email-borne attack this year. The report also found that business-disrupting ransomware attacks are up 26% compared to last year.

Forty-nine percent of respondents noted having downtime for two to three days, whereas 31% experienced downtime for four to five days.

According to Mimecast vice president of threat intelligence Josh Douglas, email security systems should be considered the front line defence for most attacks. But data alone doesn’t create value.

“Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect, and not just focus on indicators of compromise which would only address past problems.”

“Financial, Manufacturing, Professional Services, Science/Technology as well as Transportation Industries are top targets. Understanding these key pain points helps organisations build a more comprehensive cyber resilience plan.”   

Awareness training should be part of that cyber resilience plan. The report says that human error ranks higher for cyber risks that both software flaws and vulnerabilities. 

What’s more, half of surveyed respondents said their organisations conduct awareness training quarterly or less frequently, despite the fact that awareness training is catching on as an effective security tool.

“The most widely used method (62%) of awareness training happens in a group session. Following group training sessions, other popular methods include interactive videos highlighting best/worst security practices (45%), formal online testing (44%), reference lists of tips (44%) and one-on-one training sessions (44%),” the report says.

“These results reinforce the need for engaging training that is delivered persistently over time and that concentrates heavily on helping employees detect and avoid email-borne attacks.”

Story image
Apple teases new macOS Big Sur & goes all-in on silicon SoC
With the addition of Mac to the SoC ecosystem, the Mac will benefit from higher performance and more capabilities in areas such as app development and machine learning.More
Story image
PB Tech onboards Access4 SMB UCaaS solution
The tech retailer expands its move into the business space with the solution designed for deployment of a basic UCaaS solution into small businesses.More
Story image
Sennheiser TeamConnect Ceiling 2 now compatible with Zoom
According to Sennheiser, Zoom’s video communication tool has become an ‘indispensable’ resource for businesses digitally transforming their workplaces.More
Story image
Hands-on review: JBL Tune 220TWS
Another great part of the design is the earbuds themselves. Most other earbuds on the market can’t be worn for more than two hours at a time because of the amount of pressure they put on ear canals. Thankfully, the JBL Tune 220 were designed with all-day wear in mind. More
Story image
Apple unveils iPadOS 14, with redesigns for Siri, Search, widgets and more
“With iPadOS 14, we’re excited to build on the distinct experience of iPad and deliver new capabilities that help customers boost productivity, be more creative, and have more fun.”More
Story image
Apple's new watchOS 7 features handwashing detection, new watch faces
“watchOS 7 brings sleep tracking, automatic handwashing detection, and new workout types together with a whole new way to discover and use watch faces, helping our users stay healthy, active, and connected.”More