Emails containing malicious URLs are up by 125 percent when compared to last quarter according to new research from Mimecast.
The email and data security company's latest Email Security Risk Assessment(ESRA) report has revealed that the delivery of emails containing malicious URLs is on the rise as the lines between email and web security are blurring.
This is the first year that Mimecast has tested for malicious URLs in its ESRA report and the firm detected 463,546 malicious URLs in over 28m emails that were deemed “safe” by an organization's existing email security system for an average of one malicious URL in every 61 emails.
The firm also conducted recent research with Vanson Bourne independently to confirm that malicious URLs are a rampant problem with 45 percent of 1,025 respondents saying the volume of these URL-based attacks has increased over the last year.
Undetected email attacks
In addition to malicious URLs, Mimecast's latest ESRA report also found 24m spam emails, 26,713 malware attachments, 53,753 impersonation attacks and 23,872 dangerous file types. In total, the firm inspected over 230m emails that contained a variety of attack types missed by today's security solution providers that put both organizations and individuals at risk.
Cybersecurity strategist at Mimecast Matthew Gardiner provided further insight on the ESRA report's findings, saying:
“Email and the web are natural complements when it comes to the infiltration of an organization. Email delivers believable content and easily clickable URLs, which then can lead unintended victims to malicious web sites. URLs within emails are literally the point of intersection between email and the web. Organizations need the visibility across both channels in order to have the protection required to stay on top of today’s ever evolving and expanding threats and having a single vendor in an integrated solution can help. Cybercriminals are constantly looking for new ways to evade detection, often turning to easier methods like social engineering to gain intel on a person or pulling images from the internet to help ‘legitimize’ their impersonation attempts to gain credentials or information from unsuspecting users.”
Mimecast's research with Vanson Bourne also brought attention to the fact that impersonation fraud continues with 41 percent of respondents reported seeing an increase in impersonation fraud from vendors or business partners asking for money, sensitive information or credentials. Furthermore, 38 percent said they've seen an increase of impersonation fraud from well-known internet brands.