According to research, email is indeed the most preferred medium of communication by almost 86 percent of professionals. Whilst the average office employee gets 121 e-mails a day and sends roughly 40 business e-mails, Radicati Group's 2017 study reports that 269 billion e-mails are sent daily to just over 3.7 billion e-mail users worldwide. Consequently, cyber-attacks based on email are also sky-rocketing.
Furthermore, because of the broad shift to work from home culture due to the pandemic, more vital data is communicated through email than ever. Users can get hundreds of E-Mails every day, and it takes time and effort to screen them.
Given the rising volume, it is no surprise that email fatigue is growing. Unfortunately, this exhaustion will make it easier for people to click a harmful e-mail, which explains why 94 percent of malware is currently sent by email.
Email fatigue is a word used to describe a condition where email users feel overwhelmed with the emails they receive. This can often lead to unsubscriptions, low commission rates, or even a large number of spam reports.
However, while spam is an old-school approach, it is still being used for nefarious reasons by hackers. Fake spam withdrawal is a strategy that cybercriminals employ to improve their mailing lists and validate email addresses. Whenever a user clicks on a false link in a spam email, the spammer will check for the correct emails, active, and regularly checking the email address. From there the user can receive additional malicious payloads in an email.
Notable phishing attack includes the Five Rivers Health Centers in Dayton, Ohio where 155,000 patients details were exposed for 2 months owing to an e-mail phishing attack. And over 10,000 phishing scams exploiting common coronavirus concerns were investigated in 2020 by Her Majesty Revenue and Customs (HMRC) from the UK.
The successful spear phishing resulted in 95 percent of the attacks on enterprise networks. The Australian hedge fund co-founder, Levitas Capital, was a target of a whaling attack in November 2020, which is a form of spear phishing. Although it cost the corporation $800,000 – a little below the initially anticipated 8 million dollars – it also resulted in a loss of the largest customer for the hedge fund. Finally, the company had to close permanently.
In 2019, an investigation of cybersecurity indicated that 26 percent of global firms have compromised by one to ten BEC attacks (business e-mail compromise). Recent attacks by the BEC include:
- Barbara Corcoran's Shark Tank Host that lost $380,000,
- The Puerto Rican government, which amounted to $4 million;
- Japan's media powerhouse, Nikkei, sent $29 million in a bogus email, according to instructions.
Cyber-crime members constantly improve their email methods by playing with the emotions of a victim: causing fear, manipulating greed, benefiting from the curiosity of the individual, asking for help, or encouraging users to feel comfortable. This strategy is frequently employed by ransomware-as-a-service attackers.
A one-and-a-done strategy never works whenever it comes to email security. Malware is passed through a single defense, hence a solution must include several protective layers. In this method, a subsequent layer stops if malware defeats a defense.
Using a multi-layered method paired with Acronis Cyber Protect technologies, including URL filtering, may prevent harmful domains and malware downloads from being the first affected systems.