Six months into this unprecedented pandemic, there has been a seismic shift in the way businesses operate. With a large portion of the global workforce now working remotely, email use for business communications is at an all-time high - and so is the digital risk that users and organizations face online daily.

Email is the preferred method for sharing sensitive data and a key communication channel that businesses cannot afford to lose access to for any period of time. Threat actors are exploiting this increased dependence on cloud email to steal sensitive data and deliver dangerous malware - crafting sophisticated new attacks and distributing these malicious campaigns using their existing networks.

We’ve identified the most disturbing email security trends that are putting businesses of all sizes, throughout all industries, at increased risk of suffering a cyber attack or breach. Since awareness is so critical in mitigating risk, we've outlined these most significant trends to assist with protecting your users. 

 

The Digital Attack Surface Has Drastically Increased with the Proliferation of Cloud Platforms

The sudden rise in remote workers has increased the digital attack surface significantly. Businesses have far more touch points than ever before - which can provide malicious hackers with easy entry into corporate networks and systems if these potential points of compromise are not adequately secured. To make matters worse, it is not uncommon for remote workers to use insecure networks and devices shared with other users. DocuSignPhishingThumbnail

Many companies have migrated to cloud platforms like Office 365 and G Suite to fulfill their communication and collaboration needs. Without critical additional layers of security defenses in place, cloud email users are highly vulnerable to credential phishing attacks and account takeovers. 

To fortify cloud email against today’s sophisticated threats, Gartner security experts recommend “a strategic approach to security that layers inbound, outbound and internal detection and remediation”. An effective supplemental cloud email security solution should provide automated multi-layered defenses and continual email analysis, and should offer seamless integration, simplified deployment, advanced intelligence and complete visibility. 

 

Key Findings: 

  • Thirty-percent of credential phishing attempts bypass existing cloud email security defenses and are opened by target users.
  • Despite built-in security defenses, 40% of Office 365 customers have experienced credential theft nevertheless.
  • About 40% of Office 365 customers plan to supplement their security with a third-party solution by 2023.

Additional Resources: Learn more about the hidden dangers of cloud email and how to safeguard remote workers in Office 365 in this blog post.

 

Phishing Scams Are A Harder Catch Than Ever

Phishing attacks have dominated the email threat landscape for decades; however, businesses’ increased reliance on cloud email, the proliferation of SaaS cloud-based platforms and anxieties surrounding the pandemic have led to a resurgence inWorkingRemoteCloudEmailDangersThumbnail this notorious threat. Our EnGarde Cloud Email Security platform has identified and blocked more phishing emails in August of 2020 than in any month prior throughout our 21-year history.

Not only has the number of phishing scams risen exponentially in recent months, so has the sophistication and specificity of these attack campaigns. Phishers employ advanced social engineering techniques and stealthy fileless and payload-less tactics to craft highly targeted scams designed to evade security defenses and trick even the most security-aware users into sharing credentials and downloading malware. 

 

Key Findings: 

  • 95% of cyber attacks begin with a phishing email.
  • There has been a 600% increase in phishing attacks due to COVID-19.
  • Users are now three times more likely to click on a malicious link embedded in a phishing email and then disclose their account credentials than they were pre-COVID. 

Additional Resources: Get tips for recognizing and protecting against phishing scams in this blog post.

 

Ransomware Attacks Have Risen Sharply with the Emergence of RaaS

Ransomware is on the rise, carrying heavy costs for victims including data loss, significant downtime, financial loss and reputation damage. The growing potential for threat actors to profit from ransomware attacks is driving rapid innovation in ransomware development. Ransomware-as-a-Service (RaaS) schemes on the dark web - which enable individuals and groups to have a disproportionately large impact relative to their knowledge and skills - are expediting this innovation, and are expected to become increasingly prevalent in the coming years.

Mobile ransomware is at the forefront of modern ransomware development. Because mobile phones often lack adequate security defenses and contain valuable information, cyber criminals are devoting more time and resources to mobile ransomware development than ever before and, as a result, this emerging type of ransomware is becoming increasingly prevalent and problematic. 

 

Key Findings: 

  • A ransomware attack occurred every 14 seconds in 2019.
  • Thirty-four percent of all malware attacks on organizations used ransomware, particularly where ransomware operators demanded a ransom in exchange for not disclosing stolen data.
  • SMBs are a disproportionately large target for ransomware attacks, with 60% of these companies going out of business within six months of an attack.

Additional Resources: Learn how to prevent ransomware attacks in this blog post.

 

CEO Fraud is a Growing Threat to All Employees and Executive Team Members

CEO fraud, also known as whaling or Business Email Compromise (BEC), is at the forefront of the modern email threat landscape, with attacks being reported in all 50 states and in 150 countries. This dangerous impersonation scam is not only a concern for C-suite executives - finance, HR and IT employees and all members of a company’s executive team are popular targets for CEO fraud attacks given their roles and the access they have to sensitive information and funds.

The FBI has warned multiple times of sophisticated COVID-19 related BEC scams exploiting cloud email services to steal users’ account credentials, and is urging businesses to take immediate action by implementing critical additional layers of protection in Office 365 and G-Suite.

 

Key Findings: 

  • Between 2016 and 2019, BEC scams resulted in $26 billion in reported losses for businesses worldwide.
  • BEC scams accounted for half of total losses due to cyber crime in 2019.
  • The average loss per BEC complaint reported in 2019 was nearly $75,000.

Additional Resources: Learn how CEO fraud works and get advice on how to prevent these attacks in this blog post.

 

Cybersecurity Should Be a Top Priority Amid the COVID-19 Pandemic

It is no secret that 2020 has been a challenging year for most companies. In many cases, cyber security has been put on the back burner, as organizations scramble to adapt and adjust to our ‘new normal’. However, the reality is that in this heightened digital threat landscape, cyber security has never been more important. 

The COVID-19 crisis had driven rapid, widespread migration to Office 365 and G Suite to meet businesses’ email needs, providing threat actors with the perfect environment to craft timely, convincing email scams that appeal to recipients’ sense of urgency and fear surrounding the pandemic. Many of the COVID-related phishing scams that have been identified use language like "masks", "test", "quarantine" and "vaccine", and these malicious emails often contain real company logos, trademarks, copyrights and HTML/CSS. One such scam includes legitimate information about a company's telework policies and others are filled with potentially useful information about COVID-19 - signed by the White House and President Donald Trump. Phishing campaigns advertising bogus SBA loan emails, phony COVID-19 tests and fraudulent antibody treatments have also been detected. Attackers are using these scams to gain a foothold on corporate systems by tricking employees and their family members into engaging with and enabling their malicious campaigns.

Guardian Digital has detected a steady uptick in malicious phishing emails that appear to come from trusted government sources such as the White House, the CDC, the World Health Organization and the Department of Health and Human Services as this crisis continues. We’ve also identified an increase in the Ursnif, Emotet and Fareit trojans, which leverage phishing emails referencing the term "COVID-19" to convince users to click on links and download malware. 

Phishing attacks involving COVID-19 schemes have become the norm and likely continue well into the future. Even after we emerge from this pandemic these new threats will persist, as cyber thieves now have a mechanism in place to distribute phishing attacks exploiting the latest trends - including the upcoming election. Guardian Digital has also detected creative campaigns related to package delivery, changes to insurance regulations and requirements, industry events and meetings, disaster relief, and other issues that demonstrate methods and tactics similar to those used in notorious COVID-related phishing scams. 

 

Key Findings: 

  • Sixty-two percent of organizations will tighten their 2021 IT budgets due to COVID-19.
  • Ninety-three percent of businesses are extremely concerned about security.
  • Twenty-two percent of organizations plan to spend more on security in 2021 than in 2020.

Next Steps

The dominant theme of 2020 has been the scale and impact of cyber attacks on our society. Effectively securing users and data in this era of heightened digital risk demands a defense-in-depth approach to security and expert, managed services. Signature-based antivirus software and endpoint security solutions alone are insufficient in combating today’s advanced exploits like spear phishing, CEO fraud and fileless malware, which are crafted specifically to evade detection.

Now more than ever, businesses cannot afford to leave their email accounts inadequately protected. It is critical to keep in mind that the cost of a successful cyber attack or data breach could be a shut-down or worse - permanent closure.

 

Secure your business for the future now by partnering with an industry leader to safeguard your users, your data and your brand. 

Let’s Get In Touch>

Blog Articles