Phishing, impersonation attacks balloon in SA
South African companies saw an increase in phishing attacks containing malicious links or attachments in the past year.
This is according to Mimecast’s 2019 State of E-mail Security Report, which notes that e-mail attacks are cheap, easy, low risk and high reward for cyber criminals.
The report states that in 2018, 53% of South African companies were impacted by e-mail attacks, while 63% reported increases in impersonation fraud.
“Not only is the volume of attacks increasing, they are becoming more sophisticated and the pace at which criminals are innovating is cause for immense concern,” comments Brian Pinnock, cyber security expert at Mimecast.
“A single e-mail breach can hit your revenue and reputation hard. Protecting against this is not easy. The sheer amount of e-mails that pass through an organisation each day complicates the process of securing yourself from e-mail-borne threats.”
Pinnock adds that Mimecast’s latest E-mail Security Risk Assessment, an aggregated report of tests that measure the efficacy of widely used e-mail security systems, found that many e-mail attacks, ranging from opportunistic spam to highly targeted impersonation attacks, are getting through incumbent e-mail security systems.
It found that 26 305 457 spam e-mails, 27 156 malware attachments, 55 190 impersonation attacks and 466 905 malicious URLs were all missed by these incumbent providers and delivered to users’ inboxes.
Pinnock notes phishing is the leading e-mail attack type: fraudulent e-mails written under the guise of an important stakeholder, such as a bank, the South African Revenue Service or a regulator, that solicit an unsafe action from the recipient; for example, clicking on a seemingly innocuous link that exposes personal or company information or triggers a malware install.
“These types of attacks are untargeted and rely on volume and human weaknesses to break through cyber defences. The amount of information we readily share online, and the speed at which we use Internet-based services, leaves us exposed to clever tricksters.”
Commenting on the attacks on financial institutions, Manny Corregedor, chief operations officer at information security company Telspace Systems, says the financial sector is highly targeted, especially by organised crime.
“It is where the money is. Therefore, organised crime will spend resources, money because the return on investment on their side is worth it. They will find a way to compromise an organisation if the reward is worth it; as such, it wouldn’t be fair to say that data breaches are as a result of companies not having adequate cyber security controls. However, context is important and each breach needs to be looked at on a case per case basis.”
Corregedor explains organisations need to establish an information security framework or strategy that is supported by the executives and has their board’s buy-in.
“It is then important to conduct a risk assessment to identify high risk areas, choose adequate controls to mitigate or reduce the risk, and more importantly, those controls need to be tested and their effectiveness measured,” he says.
For Australia-based security expert Troy Hunt, emerging markets like SA are seeing more people join in online, meaning more people, more data and more breaches.
“Companies must have preventative measures on data breaches; they must also regularly do audits and prepare for breaches. Organisations rarely plan for how they should handle data breaches and when an incident does happen, they’re left unprepared; they are in unfamiliar territory, there’s enormous stress and pressures on them and frankly, they usually react pretty badly,” Hunt notes.