Email Impersonation Attacks on the Rise, Mimecast Finds
Email security vendor Mimecast released its latest quarterly Email Security Risk Assessment (ESRA) report on June 6, providing insight from data collected across 44,644 participating users over a 287-day period. During the quarter, the ESRA test found 9 million emails that Mimecast categorized as some form of unwanted emails (spam), which included various threats and risks. Of the spam caught by Mimecast, there were 8,605 impersonation attacks detected, which is a 400 percent increase over the number of such attacks that Mimecast detected in its first-quarter 2017 report. This slide show takes a look at some of the highlights of the May 2017 Mimecast ESRA report.
Nearly 9 Million Spam Messages Detected
The ESRA study found that Mimecast detected 8,972,968 messages labeled as spam. Of those, 3.2 million were rejected outright and 5.8 million were quarantined.
Spam Wastes a Lot of Time
According to Mimecast’s analysis, on average one out of every 304 clicks that a user makes in email is to a bad site.
Dangerous File Types Sent via Email
There are approximately 1,900 different file types that shouldn’t be sent via email, including Java Server Pages (.jsp) and executables (.exe). In the latest ESRA study, Mimecast detected 8,319 emails that had dangerous file types as attachments.
Attachments Are Still a Problem
Not all attachments with dangerous file types are in fact malware. During the ESRA test for the quarter, Mimecast detected 2,156 malware attachments, of which 487 included some form of unknown malware.
Impersonation Attacks Growing
Mimecast reported a 400 percent quarter-over-quarter increase in the volume of email impersonation attacks it detected, with 8,605 emails characterized as impersonation attempts.
The Cost of Impersonation Is High
Email impersonation attacks are also sometimes referred to as business email compromises (BECs), which a trend the FBI’s Internet Crime Complaint Center (IC3) has been tracking. In May 2017, eWEEK reported that the IC3 had estimated that BEC scams have resulted in $5.3 billion in financial losses since October 2013.
Most Email Is Not Spam
Although spam remains a problem, the majority of emails analyzed by Mimecast were deemed to be safe. Of 40.3 million emails inspected, 31.3 million (78 percent) were considered to be safe.