Every now and then, an email with a catchy subject line appears in your inbox and you end up clicking on it, either because you’re curious about the subject line or because you assume the sender is trustworthy. Unfortunately, this is how most cyberattacks tend to begin – with a single click. What unfolds next puts the security of your business at risk. Whether you clicked on a link or the unsubscribe button in the email, you may have opened the floodgates to one or more cyberattacks that could hold your business’ future hostage. According to Proofpoint’s Human Factor 2019 report, more than 99 percent of cyberattacks require human interaction to succeed. That’s why email security should be at the very top of your business’ cybersecurity concerns.
This blog will help you and your staff understand how cybercriminals use emails as their weapon of choice, what are the top cyberthreats making their way into your inbox every day, and how you can launch a robust counterattack of your own.
The Art of Cyber Deception
There is a greater psychological aspect to cyberattacks than you might think. Cybercriminals hit their targets by deceiving you into acting irresponsibly, and amid all the Covid-related adjustments they are doing so more consistently than ever before. They are constantly developing and deploying sophisticated social engineering tactics to fool unassuming recipients. “They quickly adapt and keep the number of targeted users low. This makes it really hard to detect,” explained Elie Bursztein, who leads Google’s anti-abuse research team, based on observations of how attackers keep updating their designs to make them more effective.
Regarding phishing emails alone, Google reported that 68 percent of phishing emails blocked by Gmail were new variations that were never seen before. Cybercrime is constantly evolving to match advancements in technology. Being overconfident about your defenses or defensively underprepared is certainly not a viable stance anymore. It’s time to adopt a proactive approach rather than a reactive one to counter this deception. Before we talk about how you can build a formidable defense against email attacks, let’s take a look at the top cyberthreats that frequently make their way into your inbox and wreak havoc.
Phishing involves hackers deploying various social engineering tactics to tempt users into clicking on malicious links and unwittingly giving up confidential information, such as user credentials. Cybercriminals invest a tremendous amount of effort into assuming the identity of a trusted source, making sure that it is YOU who lets them into the system. Once they’re in, they can install malware on your network’s systems, access and misuse sensitive data, or simply lock your systems and demand a hefty ransom. Data suggests that this menace is only growing stronger. Studies done in 2020 show some concerning trends. For example, 22 percent of all breaches in 2020 involved phishing, and 18.6 percent of users who clicked on simulated phishing campaigns demonstrated a willingness to submit credentials or the requested data.
Business Email Compromise (BEC) and Spear Phishing
In a business email compromise (BEC) scam, the attacker hacks into your business email account to impersonate employees or any of your organization’s important leaders, with the intent of defrauding your company and its stakeholders into sending money or sharing sensitive data. Spear phishing works in a similar fashion: the attacker dupes the user by creating the façade that the malicious email originated from a trusted source. A GreatHorn report stated that BEC attacks ballooned by nearly 100 percent in 2019 and are only expected to continue trending upward.
Taking identity impersonation one step further, account takeovers exploit your compromised user credentials to target both your business’ financial stability and its reputation. Cybercriminals can go to the extent of accessing other accounts, such as bank accounts and financial statements, to carry out fraudulent transactions. Simply put, the attacker will not just target your business, but use it as a gateway to exploit your customers’ data at the same time. The 2020 Global Identity and Fraud Report by Experian revealed that 57 percent of enterprises reported higher fraud losses due to account takeovers.
A ransomware attack occurs when a hacker breaches your network’s security, encrypts your data and demands a hefty ransom for the restoration of that data. To put this into perspective, in Q2 2020, average ransom demands were measured at $178,254, which was 60 percent higher than in Q1 2020 and a whopping 432 percent higher than in Q3 2019 ($41,198).
Investigations performed on previously confirmed ransomware attacks to date have not shown definitive evidence of theft or exposure of data, only encryption. However, adding to the ongoing uncertainty that is 2020, within the last year there has been a change in the behavior of ransomware attacks. These cybercriminals have changed tactics and are now claiming to exfiltrate copies of business data before encrypting it. They then leverage an additional blackmail threat: exposing the data if the ransom demand is not paid.
Insider Threats: The Human Element
Insider threats are posed by individuals within your organization or closely related to it, such as current or former employees, vendors and partners. Acting unwittingly or out of malice, they can easily let an attacker into the system, leaving all your sensitive data exposed.
In fact, according to Verizon’s 2020 Data Breach Investigations Report, over one-third of data breaches worldwide involved internal actors. An Egress study revealed that 31 percent of employees have mistakenly sent an email containing sensitive data to the wrong person. While your confidence in your employees is well-founded and justified, we ought to remind you: to err is human, and your employees are your weakest link.