On March 17, the FBI released its seminal annual Internet Crime Report. Once again, socially-engineered attacks (including business email compromise, spoofing, and phishing) were by far the number one cybercrime by financial loss, accounting for $2.1 billion of the $4.2 billion in losses to U.S. businesses and consumers. These attacks utilise impersonations to get companies to transfer money to fraudulent accounts and pose significantly more financial danger to an organisation than well-known tactics such as malware and ransomware.
As the FBI noted in its report, “fraudsters have become more sophisticated by evolving their techniques to use social engineering to compromise vendor email accounts and use stolen identities to establish bank accounts to receive stolen funds through invoice fraud.”
Attackers haven’t let up in 2021. The new Threat Research Report “High-Profile Socially-Engineered Email Attacks Drive Record-High Employee Engagement & Fraud” found that attacks across a variety of categories grew at significant rates. Quite simply, attackers are more successful when they use socially engineered attacks to bypass existing protections such as secure email gateways.
Key research takeaways
- The rate of employee engagement increased by 50% for socially engineered attacks that bypass secure email gateways or other existing protections.
- Employees are four times more likely to engage attackers through lateral phishing attacks from compromised internal accounts than through credential phishing from external accounts.
- There was a 250% increase in the presence of malicious mail filters from Q4 2020 to Q1 2021.
- The percentage of companies across industries hit with VEC attacks increased 119% between July 2020 and April 2021.
It's clear that traditional secure email gateway defenses were not designed to stop socially engineered attacks. To stem the tide, organisations need to consider a new approach. Without one, high-profile attacks such as SolarWinds and USAID, which one can surmise started with socially engineered campaigns, will continue to cause severe financial and reputational loss.
How Abnormal stops socially-engineered attacks
The API-driven approach uniquely leverages behavioural data science to profile and baseline good behaviour
Abnormal Security delivers a fundamentally different approach that protects enterprises from socially engineered email attacks arising from internal and external account compromises (including targeted phishing, BEC, and invoice fraud) that were previously undetectable by traditional email security solutions.
The new API-driven approach pioneered by Abnormal Security uniquely leverages behavioural data science to profile and baseline good behaviour to detect account compromises and phishing attacks. It delivers this approach through a cloud-native email security platform that can be deployed instantly into Microsoft Office 365 via a 1-click API integration, and can be used to extend existing secure email gateways.
Abnormal Security requires no configuration and delivers results immediately after integration. The system learns and self-configures for each deployment and continually self-tunes, minimising any ongoing maintenance. Its behavioural data science approach works in conjunction with traditional threat intelligence email security solutions to provide an extra layer of defense against never-seen-before socially engineered advanced attacks.