New research published by Cyren shows that enterprise email perimeter defenses are often unable to prevent well-designed email attacks.
In an average month, 75 malicious messages per 100 mailboxes escape email security filters such as Microsoft 365 Defender. This means that a company with 5,000 mailboxes would need to detect and respond to 3,750 confirmed malicious threats each month.
The majority (79%) of these threats are phishing emails, which are emails containing URLs leading to web content intended to collect login credentials, personal information or payment data. Phishing is often the prelude to other attacks, such as ransomware.
More than half (55%) of detected phishing, spoofing and malware email attacks were received by more than one user. However, two-thirds of the email attacks were sent to ten users, suggesting that the attacks were targeted. These targeted or unique threats are of course more difficult to block.
“Cyber criminals specialize in email deliverability,” says Mike Fleck, Vice President of Marketing at Cyren. “One of the ways to do this, which I see very often, is to use legitimate services. So, for example, they use the same e-mailing services that companies use to market their products. They use things that aren’t going to be blocked because their predominant use case is marketing emails from legitimate e-commerce sites.”
The most common technique used by attackers to evade detection is sending email from a well-known webmail domain like gmail.com. This technique represents 32% of the evasion techniques used.
The study reveals that automatic detection models detected 99% of confirmed threats. Of the 1% that required manual analysis, 41% were suspect and 59% turned out to be false negatives.
“The cliché wants man to be the weakest link,” adds Mr. Fleck. “And it’s so easy to say that I think this report says yes, humans are the weakest link, and cybercriminals know that, so they’re attacking your email to get their credentials.”
The report concludes that organizations can greatly improve their ability to prevent attacks by optimizing their abilities to quickly detect and contain evasive phishing.
Source: Cyren