Phishing: Email Fraudsters are Impersonating Colleagues, Clients, and Vendors, Report Says

Jul 20, 2020

Nearly a third of professionals said they have to remediate email-based attacks every day, GreatHorn found.

The latest form of business email phishing attack involves impersonating familiar senders, a GreatHorn report found. More than a third (36%) of respondents said they are seeing email threats coming into their inboxes every day.

Professionals are relying on email correspondence more than ever as they adjust to working from home during the coronavirus pandemic. However, cyberattackers also noticed this trend. Between February and March, researchers identified a whopping 667% increase in coronavirus-related email phishing campaigns, Barracuda Networks found.

GreatHorn also acknowledged this uptick; however, the report noted that this view isn’t fully adequate for understanding how phishing email attacks are evolving and how security teams are responding to those threats.

Surveying 640 participants between February 2020 and May 2020, GreatHorn found that cybercriminals have begun disguising themselves as people closest to us in our professional lives.

Impersonations are taking over 

Some 35% of respondents said that people impersonation attacks ranked as their top email threat in 2020, according to the report. The scariest part is that nearly half (49%) of professionals are seeing impersonations of colleagues, customers, or vendors.

Brand impersonations are a close runner-up, however, with 42% of respondents reporting that their organization had fallen victim to successful phishing attacks that used brand impersonation. This number is a significant increase since 2019, when only 22% reported the same.
Some 10% of respondents cited brand impersonations as their top email threat, another marked increase from 4.8% in 2019, the report found.

Phishing threat remediation takes center stage

More than a third of respondents (34%) said they need to take some form of action every day to remediate threats, the report found. That is nearly double the percentage of respondents who reported the same in 2019 (13%).

Common remediation responses include PowerShell scripts, suspending compromised email accounts, resetting compromised application accounts, and taking legal action, according to the report.

“This year’s survey data presents a clear reminder that organizations continue to be inundated with email-based attacks, most notably impersonations, that require constant remediation,” said GreatHorn CEO Kevin O’Brien in a press release.

“It’s impossible to prevent all phishing attacks, which is why it’s so important for IT professionals to reassess their email security strategy by putting a renewed emphasis on risk reduction in order to decrease time to detection (TTD) and time to respond (TTR),” O’Brien said.

Some 40% of respondents said their biggest problem with their current email security solution was that it missed payload attacks such as malware, malicious attachments, and links. The second biggest issue was missed phishing attacks (39%), including people impersonations, brand impersonations, and even fake voicemail scams and invoices.

One area that has decreased is spam/graymail, the report found. While more than half (53%) of respondents in 2019 indicated that spam/graymail slipped past the filter, only 33% said the same in 2020.

However, these filters also sometimes do too good of a job, accidentally filtering out emails that should be in a person’s inbox. Nearly half of respondents (48%) reported having to go to their junk or spam folder within the past week to retrieve an email that should’ve been in their inbox.

Overall, the report found that email-based attacks are on the rise and require near-constant remediation. The report recommended professionals adopt a layered approach to security by integrating an email security stack into a central intelligence engine.

By Macy Bayern