With a large portion of the global workforce now working remotely due to the pandemic, businesses’ reliance on cloud email has reached all-time high - and so has the digital risk that users and organizations face online daily. Cloud email has become a favorite target among cyber criminals, who are exploiting frequent misconfigurations, inadequate built-in protection and the inherent uniformity of cloud platforms to steal sensitive data and deliver dangerous malware in sophisticated, evasive attack campaigns.

We’ve identified the most dangerous email security trends putting businesses at risk of suffering a cyberattack or a breach in 2021:

  • The digital attack surface has increased with the proliferation of Office 365 and Google Workspace for business.
  • Phishing scams are more sophisticated and evasive than ever.
  • Ransomware risk has skyrocketed with the emergence of Ransomware-as-a-Service (RaaS).
  • CEO fraud is a growing threat to all employees and executive team members.
  • Cybersecurity needs to be to be a top priority in 2021 and beyond, as COVID-related attacks have positioned cyber thieves to distribute dangerous phishing scams exploiting the latest trends.

To help you set your business up for security and success, let’s take a closer look at the threats you face online daily, and measures you can take to mitigate your digital risk.

The Digital Attack Surface Has Increased with the Widespread Adoption of Cloud Platforms

The sudden shift to a largely remote workforce has led many businesses to migrate their email to the cloud, increasing the digital attack surface significantly. Businesses have far more touch points than ever before - which can provide malicious hackers with easy entry into corporate networks and systems if inadequately secured. It is also common for remote workers to use insecure networks and devices shared with other users, further increasing their company’s digital risk.

Many businesses have migrated to cloud platforms like Office 365 and Google Workspace to fulfill their communication and collaboration needs, but have sacrificed security in doing so by failing to implement supplementary protection . Without critical additional layers of security defenses in place, cloud email users are highly vulnerable to credential phishing, ransomware and other malicious attacks in these platforms. 

To fortify cloud email against today’s sophisticated threats like spear phishing and fileless malware, Gartner security experts recommend “a strategic approach to security that layers inbound, outbound and internal detection and remediation”. An effective supplementary cloud email security solution should provide automated multi-layered defenses and continual email analysis, and should offer seamless integration, simplified deployment, advanced intelligence and complete visibility. 

Key Findings: 

  • Despite built-in security defenses, 40% of Office 365 customers have experienced credential theft nevertheless.
  • About 40% of Office 365 customers plan to supplement their security with a third-party solution by 2023.

Additional Resources: Learn more about the hidden dangers of cloud email and how to safeguard remote workers with critical additional email defenses in this blog post.

Phishing Scams Are A Harder Catch Than Ever

Phishing attacks have dominated the email threat landscape for decades; however, businesses’ increased reliance on cloud email, the widespread deployment of inherently insecure and frequently misconfigured cloud and persistent anxiety surrounding the pandemic have led to a resurgence in this notorious threat. Our EnGarde Cloud Email Security platform has identified and blocked more phishing emails in 2020 than in any other year throughout our 21-year history - the majority of which exploit the pandemic.

Not only has the number of phishing scams risen exponentially in recent months, but so has the sophistication and specificity of these attack campaigns. Phishers employ advanced social engineering techniques and stealthy fileless and payload-less tactics to craft highly targeted scams designed to evade security defenses and trick even the most security-aware users into sharing credentials and downloading malware.

Key Findings: 

  • Over 90% of all cyber attacks begin with a phishing email.
  • There has been a 600% increase in phishing attacks due to COVID-19.
  • Users are now three times more likely to click on a malicious link embedded in a phishing email and then disclose their account credentials than they were pre-COVID. 

Additional Resources: Get tips for recognizing and protecting against common holiday-themed phishing scams in this blog post.

Ransomware Attacks Have Risen Sharply with the Emergence of RaaS

Ransomware is on the rise, carrying heavy costs for victims including data loss, hefty recovery costs, serious reputation damage and significant, expensive downtime or worse - permanent business closure. The growing potential for threat actors to profit from ransomware attacks is driving rapid innovation in ransomware development. Ransomware-as-a-Service (RaaS) schemes on the dark web - which enable individuals and groups to have a disproportionately large impact relative to their knowledge and skills - are expediting this innovation, and are expected to become increasingly prevalent in 2021.

Mobile ransomware is at the forefront of modern ransomware development. Because mobile phones often lack adequate security defenses and contain valuable information, cyber criminals are devoting more time and resources to mobile ransomware development than ever before and, as a result, this emerging type of ransomware is becoming increasingly prevalent and problematic for businesses.

Key Findings: 

  • A ransomware attack occurred every 14 seconds in 2019.
  • Thirty-four percent of all malware attacks on organizations used ransomware.
  • SMBs are a disproportionately large target for ransomware attacks, with 60% of these companies going out of business within six months of an attack.

Additional Resources: Learn how to prevent and recover from a ransomware attack in this blog post.

CEO Fraud is a Growing Threat to All Employees and Executive Team Members

CEO fraud, also known as whaling or Business Email Compromise (BEC), is a central component of the modern email threat landscape, with attacks being reported in all 50 states and in 150 countries. This dangerous impersonation scam is not only a concern for C-suite executives - rather, finance, HR and IT employees as well as all members of a company’s executive team are popular targets for CEO fraud attacks given their roles and the access they have to sensitive information and funds.

The FBI has warned multiple times of sophisticated COVID-19 related BEC scams exploiting cloud email services to steal users’ account credentials, and is urging businesses to take immediate action by implementing critical additional layers of protection in Office 365 and Google Workspace.

Key Findings: 

  • Between 2016 and 2019, BEC scams resulted in $26 billion in reported losses for businesses worldwide.
  • BEC scams accounted for half of total losses due to cyber crime in 2019.
  • The average loss per BEC complaint reported in 2019 was nearly $75,000.

Additional Resources: Learn how CEO fraud works and get advice on how to prevent BEC attacks in this blog post.

Cybersecurity Needs to be a Top Priority in 2021 and Beyond

It is no secret that 2020 was a challenging year for most companies. In many cases, cybersecurity has been put on the back burner, as organizations scramble to adapt and adjust to accommodate remote workers. However, the reality is that in this heightened digital threat landscape, cybersecurity has never been more important. 

The COVID-19 crisis had driven rapid, widespread migration to Office 365 and Google Workspace to meet businesses’ email needs, providing threat actors with the perfect environment to craft timely, convincing email scams that appeal to recipients’ persistent fear and uncertainty surrounding the pandemic. Many of the COVID-related phishing scams that have been identified use language like "test" or "vaccine", and these malicious emails often contain real company logos, trademarks, copyrights and HTML/CSS. One such scam includes legitimate information about a company's telework policies and others are filled with potentially useful information about COVID-19. Phishing campaigns advertising bogus SBA loan emails, phony COVID-19 tests and fraudulent antibody treatments have also been detected. Attackers are using these scams to gain a foothold on corporate systems by tricking employees and their family members into engaging with and enabling their malicious campaigns.

Guardian Digital has detected a steady uptick in malicious phishing emails that appear to come from trusted government sources such as the White House, the CDC, the World Health Organization and the Department of Health and Human Services as this crisis continues heading into the new year. We’ve also identified an increase in the Ursnif, Emotet and Fareit trojans, which leverage phishing emails referencing the term "COVID-19" to convince users to click on links and download malware. 

COVID-themed phishing attacks have become the norm and will continue well into the future. Even after we emerge from this pandemic these new threats will persist, as cyber thieves now have a mechanism in place to distribute phishing attacks exploiting the latest trends. Guardian Digital has also detected creative campaigns related to package delivery, changes to insurance regulations and requirements, industry events and meetings, disaster relief, and other issues that demonstrate methods and tactics similar to those used in notorious COVID-related phishing scams.

Key Findings: 

  • Sixty-two percent of organizations will tighten their 2021 IT budgets due to COVID-19.
  • Ninety-three percent of businesses are extremely concerned about security.
  • Twenty-two percent of organizations plan to spend more on security in 2021 than in 2020.

Next Steps

The scale and impact of cyberattacks on our society was a dominant theme of 2020. Effectively securing users and data in this era of heightened digital risk demands a defense-in-depth approach to security and expert, managed services. Signature-based antivirus software and endpoint security solutions alone are insufficient in combating today’s advanced exploits like spear phishing, CEO fraud and fileless malware, which are crafted specifically to evade these methods of detection.

Now more than ever, businesses cannot afford to leave their email accounts inadequately protected. It is critical to keep in mind that the cost of a successful cyber attack or data breach could be a shut-down or worse - permanent closure.

Secure your business for the future now by partnering with an industry leader to safeguard your users, your data and your brand. 

Get a Demo>

Blog Articles