#Privacy: Research reveals rapid increase in BEC attacks

A report by Mimecast found a 269% increase in the number of BEC attacks during the second quarter of 2019. 

The report identified a significant increase in Business Email Compromised (BEC) attacks, emails containing dangerous files types, malware attachments and spam – all of which were being delivered to the inboxes of users with incumbent email security systems. 

Mimecast explained that BEC attacks are on the rise, as they can easily evade many traditional email security systems. The Email Security Risk Assessment (ESRA) report identified a 269% increase in these particular type of attacks, in comparison to last quarter.

These findings are supported by the recent State of Email Security 2019 report, where it was discovered that 85% of the respondents had experienced an impersonation attack in 2018 – to which 73% of the victims had reporting experiencing a direct business impact. 

In addition to BEC attacks, the ESRA report found that cybercriminals have been successfully utilising other methods to target organisations. The report identified 28,783,892 spam emails, 28,808 malware attachments and 28,726 dangerous file types.

It is evident from the results that there is a need for the entire industry to continue to work towards a higher standard of email security.

“This ESRA report pointed out that impersonation attacks continue to menace all types of organizations, but I think the real issue is that there are tens of thousands email-borne threats successfully able to bypass the email security systems that organizations’ have in place, effectively leaving them vulnerable and putting a lot of pressure on their employees to discern malicious emails,” said Joshua Douglas, vice president of threat intelligence at Mimecast. 

“Cybercriminals will always look for new ways to bypass traditional defences and fool users. This means the industry must focus their efforts on investing in research & development, unified integrations and making it easier for users to be part of security defences, driving resilience against evolving attacks.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/