2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Armorblox Email Security Threat Report Reveals 72% Rise in Business Email Compromise Attacks in 2022

preview.jpg?nfe=true&app=MPK&tag=iid~070370c91eaeb9f968401d2ec061e763!rsn~0!cid~f67ad02f71734654970960defba1e7d3!orgId~114710!qt~wVZjDAde-1F!orgNm~START MAGAZINE (Taboola)!role~Preview!mt~photo!fmt~JPEG Baseline&apikey=eisgbz4z5p66hyd97jk8idz56o Armorblox Email Security Threat Report Reveals 72% Rise in Business Email Compromise Attacks in 2022>
The Start Magazine – AP News
Armorblox, today released its second, annual 2023 Email Security Threat Report, which documents the rise in targeted attacks, a shift in trends across a broad range of attacks, and highlights the use of language to bypass existing email security controls. Armorblox’s threat research team compared threat data from 2022 to data collected from 2021’s report and found that Business Email Compromise (BEC) attacks have increased dramatically by 72% year-over-year. Armorblox continues to see high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries, where language in the email is used to compromise a user’s trust. In other trends to watch, vendor compromise and fraud is rising as a new attack vector and graymail is wasting 27 hours of time for security teams each week.

Key findings in the report include: Small and medium-sized businesses (SMBs) are particularly vulnerable to vendor fraud and supply chain email attacks. More than half ofvendor compromise attacks targeted technology organizations (53%). Bad actors are still infiltrating legitimate business workflows to steal sensitive business information. Business workflows involving email notifications were the most compromised, a significant uptick over 2021. Half of all attacks involve sensitive user data, such as user login credentials (52%). BEC attacks continue to evolve. Language remains the main attack vector in 4 out of 5 (77%) BEC attacks that bypassed legacy solutions in 2022. With the widespread use of email for business communications, half of account compromise attacks targeted SMBs (58%), proving to be a persistent and prevalent threat. 20% of BEC attacks involved graymail or unwanted solicitation and security teams can find themselves spending upwards of 27 person hours a week manually sorting and deleting graymail across inboxes. Of all attacks in 2022, half bypassed legacy security filters (56%). In 2022, there was a 70% increase in phishing attacks, compared to 63% in the previous year. Further, financial fraud attacks such as payroll, payment, and invoice fraud increased by 72% over 2022 and are expected to continue to rise in 2023 with banking turmoil in the headlines
Link: http://thestartmagazine.com/article/920b585d-3453-4706-0868-02b63abd4904

Categories:

Tags: