Email remains popular among hackers as a means of distributing malware and launching phishing and impersonation attacks. In a survey of IT decision-makers and C-level executives conducted by research firm Vanson Bourne, 56 percent of respondents said that phishing attacks continue to increase. Over the past year, 94 percent had seen untargeted phishing attacks and 92 percent had seen targeted spear-phishing attacks. Most respondents also reported seeing email-based impersonation attacks asking the recipient to initiate wire transfers (87 percent) or disclose confidential information (85 percent).
Many of the IT leaders surveyed lack confidence that they can combat these attacks. Nearly 60 percent said their organization is likely to suffer a negative business impact because of an email-borne attack in 2018.
Part of the problem is that legacy email security systems are unable to spot the latest threats. Many of these tools use traditional signature-based techniques — they look for the “fingerprints” of known types of malware and spam and block those that are detected. As threats rapidly evolve, however, these tools simply can’t keep up.
A recent quarterly Email Security Risk Assessment (ESRA) from Mimecast shows how critical this situation has become. As part of the assessment, Mimecast inspected more than 95 million emails, all of which had passed through incumbent email security systems. The ESRA reports on the effectiveness of these systems at detecting and blocking email-borne threats.
The ESRA found that these systems missed 11,653 emails containing known malware, which should be the easiest to identify as they are detectable by commonly deployed antivirus technologies. Additionally, the report noted a continued challenge of protecting organizations from unknown malicious attachments, dangerous files types, impersonation attacks and even basic spam.
More than 14 million pieces of spam, 9,992 emails containing dangerous file types and 849 unknown emails with malware attachments were missed by the incumbent providers and delivered to users’ inboxes. Most notably, 11,653 emails with known malicious attachments passed through these systems, an increase of 532 percent in comparison to the previous quarter’s assessment. One email security product missed more than 83 percent of known malware attachments. Impersonation attacks also continue to be a problem, with one cloud email platform missing more than 76 percent of these attacks.
The key to preventing email-borne attacks is to employ a layered security approach that includes multiple antivirus and antispam techniques along with advanced analytics and threat intelligence. That’s why ICG uses the Mimecast email security platform. Mimecast features three separate AV engines, file sandboxing and more than 100 analytic techniques using both in-house and third-party threat data sources.
Mimecast also continues to enhance its technology through strategic partnerships and acquisitions. In July, the company acquired Solebit, which provides a fast, accurate and computationally efficient approach to the identification and isolation of zero-day malware and other unknown threats. In June, Mimecast announced its partnership DMARC Analyzer to more effectively block impersonation, phishing, spoofing and malware attacks.
ICG’s cloud-based email service incorporates Mimecast Email Security with Targeted Threat Protection to help keep email-borne threats out of our customers’ networks. If you’re concerned about spam, malware, phishing and impersonation attacks, we invite you to contact us for a confidential consultation.