Email attacks ranging from opportunistic spam to highly targeted impersonation attacks are getting through organisations’ native email security systems in large numbers and variety.
This was one of the findings from Mimecast, a leading email and data security company, which today released its latest quarterly Email Security Risk Assessment (ESRA), an aggregated report of tests that measure the efficacy of widely used email security systems.
The report shows the need for the entire industry to continue to work toward a higher standard of email security.
Many organisations think their current email security systems are up to the task of protecting them from phishing.
Unfortunately, many of them fall short and do not keep their organisations safe. The latest quarterly ESRA report found 26,305,457 spam emails, 27,156 malware attachments, 55,190 impersonation attacks and 466,905 malicious URLS, were all missed by incumbent providers and delivered to users’ inboxes, an overall false negative rate of 11% of inspected emails.
Impersonation and phishing attacks are becoming a growing problem. According to the recently launched State of Email Security 2019 report, more than 80% of South African respondents experienced an impersonation attack in 2018, with 69% of those victims having experienced a direct business impact – like financial, data or customer loss.
Not only that, but 88% of the respondents said they experienced a phishing attack, with 45% noting an increase in this type of attack year over year. This reaffirms the need for the industry to continue to provide better efficacy in their email protection to help organisations strengthen their cyber resilience to keep their data and communications safer.
“Today’s threat landscape continues to evolve as cybercriminals adapt their attack methods, particularly email-borne attacks, to evade the detection of traditional security solutions. This is becoming a huge problem for companies regardless of size — across the globe. The ESRA results offer deep insights so our customers can better understand the types of attacks threatening their business,” said Joshua Douglas, vice president of threat intelligence at Mimecast. “Through better email security, paired with improved security awareness, Mimecast can help customers build a comprehensive cyber resilience strategy that prepares them to take on and defend against both known and unknown cyber threats.”
 Specific security policy settings and controls of the incumbent email security system are directly managed by the individual customers of these other vendors.
This article was published in partnership with Mimecast.