Phishing Attack Volume Growing at Most Organizations, Mimecast Reports

Email remains one of the primary ways that hackers attack organizations. That was one of Mimecast’s findings in its second annual State of Email Security report. The 21-page report, released on July 24, surveyed 800 IT decision-makers to provide insight into the current landscape of email attacks. Among the high-level findings in the report is that most organizations are seeing a rise in phishing attacks. But attacks aren’t the only risk for email—so too is simple user error, with 31 percent of C-level executives accidentally sending sensitive emails to the wrong address. The report also identified a lack of training as being a risk, with only 11 percent of organizations continuously training employees on how to spot attacks. In this slide show, eWEEK looks at some of the highlights from Mimecast’s State of Email Security report.

According to Mimecast’s survey, 90 percent of global organizations reported seeing the volume of phishing attacks increase or stay the same over the past 12 months.

Among the risks identified by Mimecast is the simple error of sending an email with sensitive information to the wrong person. Thirty-one percent of respondents reported that a member of their organization’s C-suite has accidentally sent sensitive data via email to the wrong address.

While technology plays a role in email security, so too does employee training. According to Mimecast, only 11 percent of surveyed organizations continuously train employees on how to spot cyber-attacks.

As to why email security is lacking in some organizations, 38 percent of respondents blamed their CEO, noting that the CEO undervalues the role of email security to protect the organization.

Email remains a primary method for malware attacks to spread across an organization. Sixty-one percent of respondents noted that their organizations were hit by an attack where malicious activity was spread from one infected user to other employees via email.

Email impersonation attacks are more than just a nuisance. They can have a direct cost as well. Twenty percent of respondents noted their organizations have suffered direct financial loss from an impersonation attack.

Among the various forms of malware that are delivered via email is ransomware. Mimecast found that 78 percent of organizations that experienced a ransomware attack over the past year reported that downtime lasted for more than one day.