Intelligent CIO Africa Issue 34 | Page 20

INFOGRAPHIC INFOGRAPHIC Mimecast report finds increase in Business Email Compromise (BEC) attacks Mimecast’s latest ESRA report has revealed that millions of spam, tens of thousands of BEC or impersonation attacks, dangerous file types and malware attachments are being delivered to users’ inboxes. M imecast, a leading email and data security company, has announced the availability of its latest Email Security Risk Assessment (ESRA). The quarterly assessment is an aggregated report of tests that measure the efficacy of widely used email security systems. This quarter’s ESRA report found a significant increase in Business Email Compromise (BEC) attacks, emails containing dangerous file types, malware attachments and spam being delivered to users’ inboxes from incumbent email security systems. BEC attacks, also referred to as email-based impersonation fraud, is an issue that is not going away because these attacks can easily evade many traditional email security systems on a global scale. The latest ESRA found a 269% increase in these types of attacks, in comparison to the same findings in last quarter’s report. This trend was also reflected in recent research, the State of Email Security 2019 report, which found that 85% of the 1,025 global respondents experienced an impersonation attack in 2018, with 73% of those victims having experienced a direct business impact – like financial, data or customer loss. 20 INTELLIGENTCIO The rise in BEC attacks underscores the need for organisations to add protection against well-resourced attackers. BEC attacks are not the only method cybercriminals have been successfully leveraging to target organisations. The ESRA report found 28,783,892 spam emails, 28,808 malware attachments and 28,726 dangerous files types were all missed by incumbent providers and delivered to users’ inboxes, an overall false negative rate of 11% of inspected emails. The results from the report demonstrate the need for the entire industry to continue to work toward a higher standard of email security. www.intelligentcio.com