Mimecast has released a report showing that there has been a 126% increase in the number of emails containing malicious URLs between August 2018 and February 2019.
Mimecast, a company specialising in cloud-based email management, surveyed to ascertain workplace awareness of cybersecurity issues. The report was based on an analysis of 28.4 million emails that had been marked as ‘safe’ by security filters on email inboxes. These filters failed in nearly 17% of cases, as the researchers discovered 460,000 emails that contained malicious links but had made it past the email security solutions.
Previous reports suggest that the average office worker received 121 emails a day. If approximately 2% of spam emails make it through filters, then the average office worker could expect to receive 2 scam emails per day. When summed across all of the employees in an organisation, it is evident that failing scam filters pose a significant threat to organisations.
Hackers send malicious emails as a part of phishing campaigns, in which they attempt to obtain login credentials to company accounts so they can access financial information or other sensitive data. The emails may also contain attachments which harbour malware, such as ransomware. This malware can cause severe damage to an organisation’s systems and be costly to remove.
The report acknowledges that no email security solution is entirely effective, and there are many challenges faced when trying to develop such solutions. Furthermore, hackers are always updating and altering their techniques to evade detection. Business should use email security solutions to limit the volume of spam emails reaching inboxes, but they should not be solely reliant on these solutions for their defences.
Employee training is a critical aspect of ensuring that data remains safe. Businesses should train employees to recognise suspicious emails and avoid falling victim to scams. The business should incorporate cybersecurity best practices into their regular employee training regime.
Email security solutions generally very effective at blocking emails containing malware. However, they are less effective at identifying emails that contain malicious URLs. Businesses should consider using a web filtering solution to fix this gap in security. A web filter uses blacklists to prevent users from visiting domains that are on a list of known malicious links. Advanced web filtering solutions can also scan websites in real-time to assess content. The web filtering solution prevents a user from accessing a site if it finds the site to be malicious.
The Mimecast report highlights the importance of these technological solutions in defending businesses against cyber attacks.