As our reliance on online communications and transactions continue to rise, individuals and businesses are becoming more vulnerable to cybersecurity risks. The intensive use of emails in the remote working space remains to be dangerous as it is a platform identified as one of the weakest systems in terms of security—an instrument by which cybercriminals launch attacks such as malware, viruses, and spam. This report will present the various email security issues and trends and give recommendations as to how you can protect yourself and your business.
COVID email scams
The global health emergency created another opportunity for hackers to attack citizens from around the world. Since the beginning of the pandemic, COVID-19-related email scams have been prevalent. This has become a common phishing method, with cybercriminals posing to be reputable organizations such as the World Health Organization or the US Department of Health and Human Services. In Australia, $3.3 million were lost due to COVID-related scams. These attacks deceive users into clicking the malicious links or triggering the download of malware, and eventually exposing the user’s data such as confidential information and financial details.
Barracuda researchers found that scamming, brand impersonation, and business email compromise (BEC) are among the top 3 types of attacks that highlight COVID-19 themes.
More aggressive phishing
Hackers are getting more aggressive in launching their attacks. Barracuda researchers observed an increase in spear-phishing attacks since the wake of the pandemic. Between March 1 and 23, a total of 467,825 spear-phishing email attacks were reported. Cybercriminals relied heavily on inducing fear to the public. In March 2020, a 667 percent rise in email phishing attacks was recorded.
Attacks on organizations
Aside from consumers, cybercriminals mainly target businesses. This year, the average loss from Business Email Compromise (BEC) is $80,183. In Australia alone, the VPN Research Team finds that 99,321 scams were reported, accounting for $89.6 million in losses. This is an increase of more than 13% from the same period in 2019. Major sectors targeted by scammers are governments, financial service providers, and eCommerce, while the human resources departments of companies remain to be the most vulnerable segment because of the many attachments sent for job applications and other HR functions.
Financial related fraud on the rise
Subsequent to the rise of unemployment rates, investment-related fraud topped the email scams for 2020. Online payment users have also been targeted the most, with phishing attacks aiming to get their financial information such as payment details.
These recent trends that come with the new normal we are living shows the huge risk we are exposed to in using emails for our day-to-day transactions. Nevertheless, is possible for individuals and organizations to protect themselves from the rising and smarter cyberattacks in the email platform. This can be done through various methods:
Using email encryption methods
Organizations can invest in encryption methods such as Secure/Multipurpose Internet Mail Extensions (S/MIME). By encrypting the emails, messages can be authenticated and be guaranteed that it is sent to the intended recipient, ensuring the legitimacy and confidentiality of email messages.
Investing in a good antivirus
Antiviruses can detect existing and incoming threats in your system. Because of this, malware, spyware, and payloads can be removed before they can damage your device.
In this information technology age, it is a must for businesses and individuals to protect themselves from email security threats and trends brought by the new normal, safeguarding our day to day transactions from lingering attackers.
GlobalSign offers comprehensive certificate management such as S/MIME for email encryption and added safety to protect emails from unwanted access. Our point-to-point message encryption is also compatible with many popular and enterprise email clients. You can request for a demo here!
To learn more about our company and the full list of products we offer, you may visit our website, or check out our product list for enterprises and the Internet of Things (IoT). For more blog updates, click here.