Spam, Targeted Impersonation Attacks Bypassing Security Systems: Mimecast

“Today’s threat landscape continues to evolve as cybercriminals adapt their attack methods, particularly email-borne attacks.”


Mimecast’s “Email Security Risk Assessment” (ESRA) found that 26,305,457 spam emails, 27,156 malware attachments, 55,190 impersonation attacks and 466,905 malicious URLs were all missed by incumbent providers and delivered to users’ inboxes.

This latest quarterly ESRA from the London-based email and data security company presents an aggregated report of tests that measure the effectiveness of widely used email security systems. It reveals that many email attacks, ranging from opportunistic spam to highly targeted impersonation attacks, are getting through incumbent email security systems in both large number and variety.

Mimecast, which has a U.S. office in Lexington, Mass., notes many organizations think their current email security systems are up to the task of protecting them from phishing. “Unfortunately, many of them fall short and do not keep their organizations safe.”

Impersonation and phishing attacks are becoming a growing problem. According to Mimecast’s recently launched “State of Email Security” 2019 report, 85% of the 1,025 global respondents experienced an impersonation attack in 2018, with 73% of those victims having experienced a direct business impact – like financial, data or customer loss. Not only that, but 94% of the respondents said they experienced a phishing attack, with 55% noting an increase in this type of attack year over year.

Mimecast indicates this reaffirms the need for the industry to continue to provide better efficacy in their email protection to help organizations strengthen their cyber-resilience to keep their data and communications safer.

“Today’s threat landscape continues to evolve as cybercriminals adapt their attack methods, particularly email-borne attacks, to evade the detection of traditional security solutions. This is becoming a huge problem for companies regardless of size — across the globe. The ESRA results offer deep insights so our customers can better understand the types of attacks threatening their business,” Joshua Douglas, vice president of threat intelligence at Mimecast, said. “Through better email security, paired with improved security awareness, Mimecast can help customers build a comprehensive cyber resilience strategy that prepares them to take on and defend against both known and unknown cyber threats.”

The ESRA proclaimed many organizations think their current email security systems are up to the task of protecting them from phishing. “Unfortunately, many email security systems fall short and do not keep their organizations safe. The reality is the entire industry needs to work toward a higher standard of email security. The proof is in the numbers.”

Mimecast said it is establishing a standard of transparency for organizations and raising the bar for all security vendors. “In working with our more than 34,000 customers, Mimecast has observed firsthand that not all email security systems perform equally well. But until we started conducting these tests, we lacked the comparative data to prove our perceptions.”

In order to address this head-on, Mimecast indicated it has been continually using ESRAs with three goals in mind:

  1. To test the Mimecast Secure Email Gateway service against an individual organization’s incumbent email security system. “We do this to help the organization understand the relative efficacy of the security systems and to see the number, type and severity of email-borne threats that are currently getting into their organization.”
  2. To inform the security industry with hard data on the effectiveness of various commonly-deployed email security systems.
  3. To inform the security industry regarding the number, type and severity of email-borne threats actively used in attacks.

Mimecast uses its cloud-based Secure Email Gateway service to assess the effectiveness of legacy email security systems. “An ESRA test passively inspects emails that have been passed by the incumbent email security system and received by the organization’s email management system,” the report explained. In an ESRA, the Mimecast service re-inspects the emails deemed safe by the incumbent email security system and looks for false negatives, such as spam, malicious attachments and URLs, as well as impersonation attempts.

Mimecast said its ESRA testing to date has covered 398,119 email users over a cumulative 2,088 days of inbound email received into the organizations participating in the testing. In this time period, the security firm inspected more than 237 million emails.