IT decision makers consider email fraud to be one of the top security risks faced by businesses today while as many as 60% of them think businesses are exposed to email threats every week. These are the key insights from a survey conducted by Hiver, a leading email collaboration solution for teams.
In recent months, as IT teams across businesses navigate challenges resulting from COVID-19, email security remains a top priority. Cybercriminals are taking advantage of the discussions around the outbreak and tricking users to click on malicious links or attachments in emails. There continues to be a steady increase in the number of COVID-19-related spear phishing attacks. In recent months, as IT teams across businesses navigate challenges resulting from COVID-19, email security remains a top priority.
The survey was conducted in order to better understand how organisations in India are coping with email related threats. Hiver surveyed over 100 IT professionals in senior management roles across different industries to gain insights into the kind of cybersecurity protocols and measures they are taking to protect their organizations from email fraud during COVID-19 and beyond.
It is apparent from the findings that companies have become more cognizant of the increasing threat from email fraud, and an astonishing 94% acknowledged that their company is likely to be targeted by email fraud over the next one year. The survey found that over 90% CIOs believe their organisations are exposed to email threats at least once a month.
When asked what’s the key reason behind rising email fraud, 46% respondents said that attackers/hackers were becoming more advanced and they were also growing more effective at evading traditional security tools.
A similar percentage of respondents said it was because attackers are constantly changing their tactics and given the emergence of new diverse and advanced threats, it is difficult to secure organisations against such unknown threats. For instance, the coronavirus related attacks use common phishing tactics, but are using the pandemic as a hook to scam users and capitalize on the fear and uncertainty of the intended victims.
More than a third of the respondents (36%) said ‘spam emails reaching the inboxes’, followed by ‘credential theft’ (sending a fake login page) and ‘spoofing’ (impersonation of a person or brand) were the biggest risks to email security. One in five respondents had experienced data breach due to an email attack. These include compromised accounts, loss of confidential data, credentials, and fraudulent financial transactions.
The survey revealed that a sweeping majority, over 90% of the IT leaders, rely on technologies and automated tools to secure email and remove threats. When asked about preventive measures being taken to protect the organisation against email fraud, surprisingly hardly any of the respondents mentioned undertaking training of end users to increase awareness of email threats.
However, a good 55% of the IT decision makers surveyed agreed that training employees in best practices is the most important factor when it comes to prevention of email fraud. Some of the best practices include use of strong passwords, use of two-factor authentication and implementing antivirus/anti-malware software to scan emails. While the email scams leveraging Coronavirus are new, the same security measures still apply.
Niraj Ranjan Rout, CEO and Co-founder of Hiver, said, “The survey reveals that email fraud is quite pervasive and despite security measures, continues to rise. The risks are continuously evolving and CIO/CTOs remain concerned about the severity of email threats. Organizations need a multi-layered defense strategy that should include employee training in preventive measures, financial controls to prevent fraud and most importantly, technology and tools to combat the threats of email attacks.”