Phishing
and
other
messaging-based
attacks
continue
to
be
a
pervasive
threat,
with
97%
of
companies
seeing
at
least
one
email
phishing
attack
in
the
past
12
months
and
three-quarters
of
firms
expecting
significant
costs
from
an
email-based
attack.
That’s according
to
the
“State
of
Email
Security”
(SOES)
report,
based
on
a
survey
of 1,700
IT
professionals
published
by
Mimecast
this
week.
The
report
also
found
that
the
most
significant
email-borne
threats
continue
to
be
phishing,
ransomware,
and
spoofing.Â
Two-thirds
of
respondents
acknowledged
a
successful
ransomware
attack,
with
companies
in
certain
industries
more
likely
to
be
a
victim,
including
consumer
services
(87%),
energy
(83%),
healthcare
(80%)
and
the
media
and
entertainment
(86%)
sectors.
On
the
spoofing
side,
91%
of
those
surveyed
had
seen
attempts
to
steal
or
use
their
email
domain
in
an
attack,
according
to
the
survey.
The
increased
concern
about
cyberattacks
via
email
and
collaboration
platforms
comes
as
companies
have
shifted
to
hybrid
work
environments,
making
tools
like
Slack
and
Microsoft
Teams
popular
ways
of
exploitation
by
opportunistic
cybercriminals. Nearly
three-quarters
of
companies
surveyed
feel
it
is
likely
or
extremely
likely
that
their
company
will
suffer
an
attack
delivered
through
their
collaboration
tools,
according
to
the
study,
which
was
conducted
by
market
research
firm
Vanson
Bourne.
“While
email
remains
the
primary
attack
vector
for
bad
actors,
collaboration
tools
provide
a
new
threat
surface
for
cybercriminals
to
infiltrate,”
the
report
stated.
“And
this,
in
turn,
creates
even
more
risk
for
CISOs
and
their
teams
to
manage.”
Though
certainly
not
a
new
area,
attacks
on
messaging
and
collaboration
software
are
a
growing
source
of
compromise
for
companies.
In
its
quarterly
“Phishing
Activity
Trends
Report,”
the
Anti-Phishing
Working
Group
(APWG)
detected
1.3
million
attacks
in
third
quarter
of
2022,
up
from
1.1
million
phishing
attacks
in
the
second
quarter
of
2022.
Attackers
are
also
getting
better
at
fooling
defenses
and
sneaking
into
users’
inboxes,
with
19%
of
phishing
attacks
bypassing
platform
defenses,
according
to
a
report
released
in
October.
With
the
ramped-up
activity
comes
more
awareness,
at
least. “More
[company]
leaders
are
increasingly
aware
of
the
dangerous
ramifications
cyberattacks
pose
against
their
business,”
says
Thom
Bailey,
senior
director
of
strategy
at
Mimecast.
“However,
organizations
are
still
behind
the
curve
in
terms
of
security
posture.”
Collaboration
Tools
Expand
Quickly
Collaboration
tools
represent
an
expanding
attack
surface
area,
according
to
the
SOES
survey.
While
the
vast
majority
of
professionals
(90%)
maintain
that
collaboration
tools
are
essential
to
their
company’s
workflow,
keeping
up
with
the
installed
base
of
tools
is
“overwhelming,”
according
to
those
polled.
Two-thirds
of
professionals
(67%)
are
overwhelmed
by
the
number
of
tools,
and
more
than
half
(55%)
have
to
attempt
to
detect
and
manage
tools
downloaded
by
workers
without
approval.
That
said,
whether
the
attacker
uses
email
as
their
vector,
or
Slack
or
Teams,
the
end
goal
is
the
same,
Bailey
says.
“It’s
important
to
remember
that
even
though
the
attack
vector
is
slightly
different,
the
human
end
user
is
still
the
key
target,”
he
says.
“The
majority
of
attacks
targeting
collaboration
channels
leverage
the
human
element,
where
an
adversary
makes
a
compelling
appeal
for
a
recipient
to
engage
with
the
attacker.”
On
the
email
side,
more
companies
are
adopting
email
security
specifications,
such
as
Domain-based
Message
Authentication,
Reporting
and
Conformance
(DMARC)
and
Brand
Indicators
for
Message
Identification
(BIMI)
to
prevent
spoofing.
To
protect
their
domains,
88%
of
survey
respondents
would
like
to
use
the
DMARC
standard
to
make
their
email
more
resilient
to
spoofing
attacks.
Unfortunately,
only
a
bit
more
than
a
quarter
(27%)
have
actually
deployed
the
features,
according
to
the
SOES
survey.
Can
ChatGPT
Help
With
Phishing
as
Well?
While
anti-spam
engines
are
among
the
earliest
applications
of
machine
learning
to
cybersecurity,
most
professionals
aim
to
go
further,
with
92%
either
using
or
planning
to
use
artificial
intelligence
(AI)
features
and
machine
learning
(ML)
to
bolster
their
current
defenses.
Doing
so
can
help
cybersecurity
teams
keep
up
with
attackers,
Bailey
says.
“When
combined
with
natural
language
processing
tools
such
as
auto-encoders
or
large
language
models,
[AI]
can
help
detect
anomalies
in
the
writing
style
and
communication
patterns
of
inbound
emails,
blocking
messages
and
alerting
employees
accordingly,”
he
says.
“It
also
helps
reduce
human
error
…
further
enabling
strained
IT
teams
…
to
offset
critical
workforce
challenges
by
automating
repetitive
tasks
and
streamlining
workflows
to
drive
higher
levels
of
efficiency.”
The
SOES
survey
included
professionals
from
companies
of
various
sizes,
including
15%
with
fewer
than
500
employees,
76%
with
between
500
and
10,000
employees,
and
9%
with
more
than
10,000
employees.
The
top
industry
sectors
represented
by
the
survey
professionals
included
financial
services
(14%),
technology
and
telecommunications
(13%),
retail
(13%),
and
healthcare
(11%).
About Author
