BEC attacks have risen 53% year-over-year

Armorblox released a report which highlights the use of language-based attacks that bypass existing email security controls. The report uncovers how the continued increase in remote work has made critical business workflows even more vulnerable to new forms of email-based attacks, often resulting in financial fraud or credential theft.

Language-based attacks have become the new normal for business email compromise (BEC) with 74% of these attacks using language as the main attack vector.

Security teams spend a massive amount of time configuring rules and exceptions in their email security solutions to block impersonation emails – both for executives and other employees. Despite all of that manual work and rule writing, 70% of impersonation emails evaded email security controls.

“Based on threats analyzed by Armorblox across our customer base of over 58,000 organizations, we see a sharp increase in email attacks targeting critical business workflows. These use language as the primary attack vector and impersonate VIPs, known vendors, and SaaS applications,” said DJ Sampath, CEO of Armorblox.