Cybercriminals increasingly impersonate business-related apps

Cybercriminals have wasted little time in capitalizing on the vulnerabilities that come with remote work, and their attacks have been highly targeted, with a focus on business-related apps, according to GreatHorn.

Business-related applications, those that have allowed employees to collaborate and stay productive over the past year, are by far the most frequently impersonated by cybercriminals.

GreatHorn collected data from over 588 participants working across a diverse set of roles within the information technology security market segment. The respondents hold various roles in IT as well as in the C-suite. The results of the report identify not only the challenges, but also the changes companies have encountered in the past year and the email threats that remain present today.

Cybercriminals capitalizing on work from home business-related apps

As employees continue to work from home, expanding their digital presence while leveraging multiple communication platforms, this provides more valuable information for cybercriminals to leverage.

Business-related applications (Zoom, Microsoft, DocuSign) account for 45% of impersonation-related phishing attacks, much more than social media-related applications which consist of Facebook, LinkedIn, and Twitter (34%) or consumer-related applications consisting of websites such as Amazon and PayPal (20%).

The quality of phishing attacks

Though daily occurrences of phishing attacks have decreased from 36% to 25% between 2020 and 2021, weekly and monthly phishing attacks have increased from 28% to 42% and 11% to 17%, respectively. These attacks are increasingly difficult to detect as cybercriminals become more sophisticated and targeted in their attacks – advancing beyond the ‘batch and blast’ methodology to social engineering phishing campaigns.

As a result of this, the quantity of phishing attempts being experienced by organizations may have decreased daily, but the impact of those campaigns that bypass traditional email security is increasing. As a result of increasing attacks, email security has risen to one of the top 3 IT security projects for 2021 among the organizations surveyed.

Additionally, while the need to remediate phishing attacks daily has decreased from 34% to 18% YoY, occurrences have increased weekly from 28% to 41% on average and monthly from 11% to 16%.

“In today’s email security environment, it is impossible to catch every phishing attack. The results of this benchmark report indicate that cybercriminals are relentless and continue to advance their techniques to exploit systems and people.” said Kevin O’Brien, CEO of GreatHorn. “Email security providers must shift their approach to understanding and controlling threat vectors in order to analyze deviations from the norm. Only from there can they create automated defense systems that produce a layered approach to mitigating risk.”

Additional key stats

• Email security (48%), securing telework (41%) and cloud security posture management (40%) are the top 3 security projects for 2021.
• Missing phishing attacks remains the top issue in current email security solutions with 39% of respondents noting this as a top concern in both 2020 and 2021.
• Fewer organizations report being “satisfied” with their current email security solution, decreasing from 76% in 2020 to 53% in 2021. On the other hand, organizations reporting their email security solution was “good enough” increased from 19% in 2020 to 36% in 2021.

The top 3 threats that concern IT professions are:

• Payload attacks: rising from 16% to 21%
• Wire transfer requests: rising from 8% to 14%
• Compromised accounts: rising from 8% to 10%