Email impersonation attacks: a clear & present danger

Larry Ponemon

Most companies admit that it is likely they experienced a data breach or cyberattack because of email-based threats such as phishing, spoofing or impersonation, and they are concerned about the ongoing risk of such threats. However, as this research shows, there is a disconnect between the perceived danger of email-based threats and the resources companies are allocating to reduce these risks.

Sponsored by Valimail, the study Email Impersonation Attacks: A Clear & Present Danger was conducted by Ponemon Institute to understand the challenges organizations face in protecting end-users from email threats, such as impersonation attacks. Ponemon Institute surveyed 650 IT and IT security professionals who have a role in securing email applications and/or protecting end-users from email threats.

The risks that are causing IT security practitioners to lose sleep are phishing emails directed at employees, executives, customers and partners; and email as a vector for cyberattacks. When asked what measures or technologies will be deployed in the next 12 months to prevent impersonation attacks, more companies say they will be using secure email gateway technology, DMARC, DKIM and anti-phishing training for employees. In fact, more companies will be using automated solutions to improve email trust.

We were surprised to see a vast majority of companies who believe that they have had a breach involving email but are not yet embracing automated anti-impersonation solutions to protect themselves proactively. Adopting fully automated solutions for DMARC enforcement that provide email authentication will help companies get ahead of the attackers and build trust with their clients and end users.

The following findings illustrate the disconnect between concerns about email threats and fraud and the lack of action taken by companies represented in this study. 

  • Eighty percent of respondents are very concerned about the state of their companies’ ability to reduce email-based threats, but only 29 percent of respondents are taking significant steps to prevent phishing attacks and email impersonation. 
  • Only 27 percent of respondents say they are very confident that their organization knows all of the vendors and services that are sending email using the organization’s domain name in the “From” field of the message. 
  • Companies have complex email environments. On average, companies in this research have more than 1,000 employees, six servers and 15 cloud-based services that send email on their behalf. However, only 41 percent of respondents say their organizations have created a security infrastructure or plan for email security. 
  • Despite the ineffectiveness of anti-spam and anti-phishing filters, they have been the primary solution for preventing email-based cyberattacks and impersonation. Sixty-nine percent of respondents say their organizations use anti-spam or anti-phishing filters and 63 percent of respondents say they use these technologies to prevent impersonation attacks.
  • Companies are not spending enough to prevent email-based cyberattacks and fraud. While there is a sense of urgency among respondents to address the numerous threats against their email systems, only 39 percent of respondents say their organizations are spending enough to protect email from cyberattacks and fraud.

Because the risks discussed above are not being addressed, most companies believe they had a material data breach or cyberattack during the past 12 months that involved email. Seventy-nine percent of respondents say their organizations certainly or likely experienced a serious data breach or cyberattack during the past 12 months such as phishing or business email compromise. More than 53 percent of respondents say it is very difficult to stop such attacks.

“With the dramatic rise in impersonation attacks as a primary vector for cyberattacks, companies are re-assessing the balance of their security efforts,” said Alexander García-Tobar, CEO and co-founder of Valimail. “While traditional approaches are good for filtering malicious content and blocking spam, impersonation attacks can only be stopped with email anti-impersonation solutions. Individuals at all levels of a company, including customers and clients, are vulnerable to phishing, fraud, and impersonation attacks.”

To read the full study, click here and visit Valimail’s site. 
