Your Business Email Is Highly Targeted For Attacks

There's a new report out, authored by ProofPoint, and its findings for business are grim.

It's no secret that businesses of all shapes and sizes are coming under increasing fire from hackers around the world.

Now we have hard data that shows us exactly how big of an increase we're seeing.

Here are some of the key findings in the report:

• Email fraud attacks targeting businesses have increased 25 percent in the last quarter alone
• They have increased by a staggering 85 percent from this time last year
• Phishing links sent via social media platforms have increased by 30 percent
• 60 percent of those phishing links specifically targeted individual contributors and lower-level corporate management
• 23 percent of attacks targeted employees working in operations and production
• Incidents of customer support fraud increased by 39 percent, compared to the previous quarter. This increased a whopping 400 percent compared with this time last year

Nick Frost (a co-founder of the Cyber Risk Management Group) had this to say about the disturbing report:

"Key to this is engineering emails and spoofing email addresses to a level of sophistication that fails to alert the recipient that there is anything suspicious about the email.  Techniques such as web crawling and web scraping are able to collect and collate key information about an individual that can be used in crafting an email, accompanied by a link (as part of a phishing attack) to an unsuspecting user.

Whilst there are many legitimate web crawlers and many are enabled for business reasons, there may be organizations and individuals that wish for their information not to be collected and shared either for legitimate or adversarial purposes.  There are tools that organizations can adopt that prevent or even delay web crawlers."

Training is the first line of defense here.  If you're not doing it already, you should be holding regular phishing simulations so your employees become adept at spotting them.