The growing threat of cybercrime, from inside and outside the organization, calls for robust countermeasures. We take a look at some of the Status Quo from 2020, so that we can put our focus on what's needed to keep the cyberattackers at bay.
The cybersecurity sector has rapidly grown in 2020. By 2022, it is expected to reach $170.4 billion. Every industry is concerned with protecting sensitive digital information - from healthcare, medical, and biotech industries, to communications, PR, and advertising, to military, aerospace, defense industries, and many more.
Social cyberattacks (through phishing and compromised emails) are the leading cause of computer security breaches, alongside credential theft and human errors.
NetSTAR declares that the number of phishing attacks increased during COVID-19. In some areas, this number has more than doubled, while it rose over a staggering 600% in others.
Phishing emails are those that impersonate well-known brands and companies. The most common brands that are impersonated in phishing emails are:
- Apple (10%)
- Netflix (9%)
- Yahoo (6%)
- WhatsApp (6%)
- PayPal (5%)
- Chase (5%)
- Facebook (3%)
- Microsoft (3%)
- eBay (3%)
- Amazon (1%)
With the outbreak of a global pandemic, hackers altered their tactics to target those who have transitioned to working from home; now, one of the most impersonated brands in email attacks is Zoom.
Verizon states that 60% of phishing attempts are aimed at people’s credentials, while 50% are also looking for additional personal information. Some other types of information that can be obtained during a phishing attack are:
- Medical records
- Bank statements
- Classified information
- Payment records
- IT system data, and more
Because scammers are particularly focused on money, payment and invoice fraud has increased by 112% in the first half of 2020. Finance employees are the most likely targets of these phishing emails, at 87%, compared to individuals working in other industries.
Malicious Email Attachments
Even though the year 2020 was most certainly the year of phishing attacks, we shouldn’t ignore the presence and prevalence of other types of malicious emails. Malware email attachments are designed to collect data and corrupt the information on a user’s computer.
In the second quarter of 2020, the number of malicious attachments increased by about 6.5 million since last year.
It is essential to know that malicious attachments don’t only come in the form of .exe files. In fact, according to Symantec, the most common type of malicious attachments are .doc and .dot files (37%), followed by .exe at 19.5%.
How to Increase Email Security
In light of all these statistics and ever-increasing phishing and other email threats, improving personal and business email security is critical. Here’s how to do that:
- Learn how to recognize phishing emails.
- Don’t click on links or download attachments that you don’t know the source of.
- Train and educate your employees on how to reduce the chances of having their credentials stolen. Human error is still a major contributing factor to data leaks and financial loss.
- Always validate the email sender, confirming they are legitimate before you take any action.
- Utilize advanced protection software against business email compromise (BEC).
- Encourage your staff members to report any phishing attempts, no matter how obvious they may seem.
Finally, turn to email security solutions that work. Feel free to reach out to us for additional information and advice on how not to become yet another email attack statistic in 2020.