Phishing emails have spiked this year, outgrowing malware

Why try to trick a system when you can just fool the user?

Mimecast's Email Security Risk Assessment testing programme has highlighted a huge rise in the number of payload-less impersonation attacks, which email security solutions struggle to stop.

While malware and ransomware are often listed as businesses' main email security concerns, Mimecast found that impersonation attacks - where an attacker poses as someone else in the organisation, usually to facilitate a money transfer or steal credentials - were missed seven times more often than email-borne malware.

That news probably won't surprise most of our readers, who know that humans are the weakest link in the security chain. Why try to work around a secure system, when you could just trick the person behind it instead?

Instances of impersonation via email rose almost 50 per cent compared to the previous quarter, while emails with a payload - such as malware attachments or dangerous file types - rose 15 per cent.

"Impersonation attacks are an easy and effective way to dupe unsuspecting victims by gaining trust through a combination of social engineering and technical means," said Ed Jennings, COO at Mimecast. "This latest ESRA report reveals that many email security providers are leaving organisations very vulnerable to these often hard to detect impersonation attacks. Cybercriminals know that many traditional email security services are improving their ability to stop email-borne malware, but remain ineffective against impersonation attacks."

Over the almost two years that Mimecast has been running its ESRA programme, it has inspected more than 55 million emails, finding 12.4 million pieces of spam; 9,000 emails containing dangerous file types; 1,800 known and 690 unknown emails with malware attachments; and almost 19,000 impersonation attacks.