| Publisher | Armorblox |
| Year | 2023 |
| Publishing Frequency | Yearly |
| Authors | Lauryn Cash, Sakthi Chandra, Anand Raghavan, Anurag Shrestha, Prashanth Arun |
| Cost | Free |
| Topics | Email Security, Phishing |
Overview
Armorblox presents its second annual Email Security Threat Report, providing insights into the evolving threat landscape observed among its customer base. The report highlights a significant shift in attack types and methods used by attackers, revealing the insufficiency of native email security and inline security tools in detecting and preventing these attacks. In response, IT and security leaders are encouraged to stay informed and take proactive measures to secure their organizations against cyber threats.
Key findings from the report include the fact that 56% of all attacks bypassed legacy security filters, indicating a need for more effective security solutions. Vendor compromise attacks, particularly targeting technology organizations, accounted for 53% of such attacks, underscoring the vulnerability of small and medium-sized businesses to vendor fraud and supply chain email attacks. Furthermore, 52% of all attacks involved sensitive user data, emphasizing the importance of protecting user credentials and other sensitive information.
Business Email Compromise (BEC) attacks continue to evolve, with language as the main attack vector in 77% of BEC attacks that bypassed legacy solutions in 2022. This highlights the need for robust language-based threat detection mechanisms. Additionally, account compromise attacks targeted SMBs in 58% of cases, emphasizing the persistent threat faced by smaller businesses.
The report also highlights the inefficiency caused by manual remediation of graymail by security teams, with an estimated 27 person hours wasted per week. This demonstrates the need for automated solutions to streamline email security operations and improve overall efficiency.
