Impersonation attacks targeting organisations rose by 70% in 2019

Impersonation attacks targeting organisations rose by 70% in 2019

Impersonation attacks targeting organisations rose by 70% YoY in 2019

Impersonation attacks carried out by cyber criminals and targeting businesses of all sizes across the world rose by almost 70 percent in 2019 compared to the previous year and resulted in businesses losing valuable customers, data, and money in the process, a new study has revealed.

Mimecast’s State of Email Security report for 2019, which gathered responses from 1,025 IT decision makers at organisations across the globe, has identified impersonation attacks carried out by hostile actors and cyber criminals as a major cyber security threat for businesses of all sizes.

Impersonation attacks having a direct impact on organisations’ finances

Impersonation attacks have truly become the weapons of choice for cyber criminals as, according to Mimecast, such attacks increased by 67 percent over the previous year and 73 percent of organisations targeted by such attacks suffered financial losses, loss of sensitive data, and loss of customers.

While 40 percent of organisations targeted using impersonation attacks (that involve criminals impersonating C-Suite executives or trusted vendors to lure employees into sharing data, credentials, or transferring money) suffered data loss, 29 percent of those targeted suffered financial losses, and 28 percent of them suffered the loss of customers.

Mimecast’s findings are neither surprising nor unique as impersonation attacks have seriously impacted organisations in the past as well. Last year, a survey carried out by Lloyds Bank and Get Safe Online revealed that between 2017 and 2018, the number of reported impersonation fraud cases rose by 58 percent, costing UK-based SMEs an average of £27,000 and impacting nearly half a million of them. Law firms bore the brunt of impersonation fraud scams, suffering 19 percent of all attacks, followed by HR professionals, IT workers and finance companies.

“The rise of impersonation fraud is a very concerning issue for small and medium-sized businesses. We know that falling victim to these types of scams can be serious as the impact extends beyond just the financial implications. This is why we’ve teamed up with Get Safe Online – to help educate business owners and employees on how to recognise these scams and take the right precautions to protect themselves,” said Gareth Oakley, managing director of business banking at Lloyds Bank.

94% of organisations suffered phishing attacks

The Mimecast survey also revealed that 94 percent of organisations across the globe were targeted by phishing attacks via email and 55 percent, or over half of all organisations, reported an increase in phishing attacks in 2019 compared to the previous year.

The scale and volume of email-based cyber attacks, such as phishing and impersonation attacks targeting businesses, is such that they are seriously impacting the morale of IT decision makers and impacting their confidence in their security protocols. As many as 61 percent of IT decision makers are sure of the fact that their organisation will suffer a negative business impact from an email-borne attack this year.

Organisations across the globe are also struggling to cope with business-disrupting ransomware attacks that cause immense downtime and loss of productivity. Such attacks rose by 26 percent compared to the previous year and resulted in 49 percent of organisations suffering downtime for two to three days, and 31 percent of organisations experiencing downtime for four to five days.

“Anyone familiar with the cybersecurity threatscape will not be surprised with these findings. Phishing remains one of the most successful methods of gaining access to a network, with organised gangs leveraging multiple phishing websites from a single IP address, and independent non-technical actors taking advantage of the phishing-as-a-service kits available on the dark web,” says Corin Imai, senior security advisor at DomainTools.

“Not only is this a threat for businesses but for individuals. The best advice for keeping safe online remains vigilance to any unsolicited email, and double checking the URL of any website you visit before inputting any PII or downloading any attachments,” she adds.

ALSO READ: Majority of security pros want their firms to “hack back” cyber criminals

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]