Impersonation attacks targeting organisations rose by 70% in 2019

Impersonation attacks targeting organisations rose by 70% in 2019

Impersonation attacks targeting organisations rose by 70% YoY in 2019

Impersonation attacks carried out by cyber criminals and targeting businesses of all sizes across the world rose by almost 70 percent in 2019 compared to the previous year and resulted in businesses losing valuable customers, data, and money in the process, a new study has revealed.

Mimecast’s State of Email Security report for 2019, which gathered responses from 1,025 IT decision makers at organisations across the globe, has identified impersonation attacks carried out by hostile actors and cyber criminals as a major cyber security threat for businesses of all sizes.

Impersonation attacks having a direct impact on organisations’ finances

Impersonation attacks have truly become the weapons of choice for cyber criminals as, according to Mimecast, such attacks increased by 67 percent over the previous year and 73 percent of organisations targeted by such attacks suffered financial losses, loss of sensitive data, and loss of customers.

While 40 percent of organisations targeted using impersonation attacks (that involve criminals impersonating C-Suite executives or trusted vendors to lure employees into sharing data, credentials, or transferring money) suffered data loss, 29 percent of those targeted suffered financial losses, and 28 percent of them suffered the loss of customers.

Mimecast’s findings are neither surprising nor unique as impersonation attacks have seriously impacted organisations in the past as well. Last year, a survey carried out by Lloyds Bank and Get Safe Online revealed that between 2017 and 2018, the number of reported impersonation fraud cases rose by 58 percent, costing UK-based SMEs an average of £27,000 and impacting nearly half a million of them. Law firms bore the brunt of impersonation fraud scams, suffering 19 percent of all attacks, followed by HR professionals, IT workers and finance companies.

“The rise of impersonation fraud is a very concerning issue for small and medium-sized businesses. We know that falling victim to these types of scams can be serious as the impact extends beyond just the financial implications. This is why we’ve teamed up with Get Safe Online – to help educate business owners and employees on how to recognise these scams and take the right precautions to protect themselves,” said Gareth Oakley, managing director of business banking at Lloyds Bank.

94% of organisations suffered phishing attacks

The Mimecast survey also revealed that 94 percent of organisations across the globe were targeted by phishing attacks via email and 55 percent, or over half of all organisations, reported an increase in phishing attacks in 2019 compared to the previous year.

The scale and volume of email-based cyber attacks, such as phishing and impersonation attacks targeting businesses, is such that they are seriously impacting the morale of IT decision makers and impacting their confidence in their security protocols. As many as 61 percent of IT decision makers are sure of the fact that their organisation will suffer a negative business impact from an email-borne attack this year.

Organisations across the globe are also struggling to cope with business-disrupting ransomware attacks that cause immense downtime and loss of productivity. Such attacks rose by 26 percent compared to the previous year and resulted in 49 percent of organisations suffering downtime for two to three days, and 31 percent of organisations experiencing downtime for four to five days.

“Anyone familiar with the cybersecurity threatscape will not be surprised with these findings. Phishing remains one of the most successful methods of gaining access to a network, with organised gangs leveraging multiple phishing websites from a single IP address, and independent non-technical actors taking advantage of the phishing-as-a-service kits available on the dark web,” says Corin Imai, senior security advisor at DomainTools.

“Not only is this a threat for businesses but for individuals. The best advice for keeping safe online remains vigilance to any unsolicited email, and double checking the URL of any website you visit before inputting any PII or downloading any attachments,” she adds.

ALSO READ: Majority of security pros want their firms to “hack back” cyber criminals

Copyright Lyonsdown Limited 2021

Top Articles

Is your security in need of an update this Cybersecurity Awareness month?

Cyber security experts tell teiss about the evolving threat landscape and how organisations can bolster their cyber security defenses

A new case for end-to-end encryption

How a hacker group got hold of calling records and text messages deploying highly sophisticated tools that show signs of originating in China

Telcos in Europe put muscle behind firewalls as SMS grows

Messaging is set to be one of the biggest traffic sources for telcos worldwide prompting them to protect loss of revenue to Grey Route practices 

Related Articles

[s2Member-Login login_redirect=”” /]