80% increase in business email compromise attacks

Mimecast’s Email Security Risk Assessment report has revealed that BEC (business email compromise) attacks have increased by 80% in the past quarter.

BEC scams target organizations to try to compromise the email account of a victim and get personal data, payroll information, or funds. Attackers often pose as senior executives or even CEOs to trick the victim and gain access. These scams are simple but effective.

A key finding from the report was that more than 200,000 malicious links were found in 10 million ‘safe’ emails, averaging 1 malicious link in every 50 emails that were deemed ‘safe’ by email security systems.

Matthew Gardiner, cybersecurity strategist at Mimecast, said:

Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter. These are difficult attacks to identify without specialized security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them.

How to prevent BEC

The report highlights that spoof emails are bypassing spam filters, meaning your organization’s staff are the last line of defense against email fraud. It is therefore vital that your employees are aware of the risks of phishing emails and know what to look for.

Our Phishing Staff Awareness Course covers everything your employees need to know in an easy-to-understand e-learning module. It explains the types of phishing emails they are likely to face, the consequences of a successful attack, how to identify a scam, and how to avoid an attack.

You might also be interested in our Phishing and Ransomware – Human patch e-learning course, which emphasizes the threat of scam emails that contain malware. Ransomware attacks are increasingly common and can result in huge delays – not to mention financial losses if you go against advice by paying the ransom.

Another simple solution is to decorate your workplace with our Phishing Awareness Posters. These won’t lead to a drastic turnaround in behavior in your organization on their own, but they are a perfect complement to your training courses, giving staff constant reminders of the lessons they’ve been taught.