Mimecast (NASDAQ: MIME), a main email and information security company, declared the accessibility of its most recent Email Security Risk Assessment (ESRA). The quarterly assessment is an aggregated report of tests that measure the efficacy of widely used email security systems. This quarters ESRA report found a significant increase in Business Email Compromise (BEC) attacks, emails containing dangerous file types, malware attachments and spam being conveyed to users inboxes from incumbent email security systems.

BEC attacks, also alluded to as email-based impersonation fraud, is an issue that is not going away because these attacks can easily evade many traditional email security systems on a global scale. The latest ESRA found a 269% increase in these types of attacks, in comparison to the same findings in last quarters report. This trend was also reflected in recent research, the State of Email Security 2019 report, which found that 85% of the 1,025 global respondents experienced an impersonation attack in 2018, with 73% of those victims having experienced a direct business impact like financial, data or customer loss.

The rise in BEC attacks underscores the requirement for organizations to include protection against well-resourced attackers. A 2019 Osterman Research Report titled Ten Questions to Ask About Your Office 365 Deployment, concluded Microsoft Office 365 alone, will not fully meet many organizations requirements. Today, close to half of Mimecast customers bolster the cyber resilience of their Microsoft Office 365 deployments with services including, Targeted Threat Protection to shield against bad actors and BEC attacks.

BEC attacks are not the only method cybercriminals have been successfully leveraging to target organizations. The ESRA report found 28,783,892 spam emails, 28,808 malware attachments and 28,726 dangerous files types were all missed by incumbent providers and delivered to users inboxes, an overall false negative rate of 11% of inspected emails. The outcomes from the report exhibit the requirement for the whole business to keep on progressing in the direction of a better quality of email security.

This ESRA report pointed out that impersonation attacks keep on threatening all types of organizations, yet I think the real issue is that there are tens of thousands email-borne threats successfully able to bypass the email security systems that organizations have in place, effectively leaving them vulnerable and putting a lot of pressure on their employees to discern malicious emails, said Joshua Douglas, vice president of threat intelligence at Mimecast. Cybercriminals will consistently search for better approaches to bypass traditional defences and fool users. This implies the industry must focus their endeavors on investing in research & development, unified integrations and making it easier for users to be part of security defences, driving resilience against evolving attacks.

Mimecast delivers quarterly ESRA reports to offer organizations insights on the rise of new kinds of email-borne threats and key trends in malicious email campaigns.