Hiver claims that it surveyed over 100 IT professionals in senior management roles across different industries to gain insights into the kind of cybersecurity protocols and measures they are taking to protect their organisations from email fraud during COVID-19 and beyond.
About 94% of those surveyed acknowledged that their company is likely to be targeted by email frauds over the next one year. The survey found that over 90% CIOs believe that their organisations are exposed to email threats at least once a month.
When asked what’s the key reason behind rising email fraud, 46% respondents said that attackers/hackers are becoming more advanced and that they are also growing more effective at evading traditional security tools.
A similar percentage of respondents said that it was because attackers are constantly changing their tactics and given the emergence of new diverse and advanced threats, it is difficult to secure organisations against such unknown threats. For instance, the coronavirus-related attacks use common phishing tactics, but are using the pandemic as a hook to scam users and capitalize on the fear and uncertainty of the intended victims.
More than a third of the respondents (36%) said ‘spam emails reaching the inboxes’, followed by ‘credential theft’ (sending a fake login page) and ‘spoofing’ (impersonation of a person or brand) were the biggest risks to email security. One in five respondents had experienced data breach due to an email attack. These include compromised accounts, loss of confidential data, credentials, and fraudulent financial transactions.
The survey revealed that over 90% of the IT leaders rely on technologies and automated tools to secure email and remove threats. When asked about preventive measures being taken to protect the organisation against email fraud, hardly any of the respondents mentioned undertaking training of end users to increase awareness of email threats.
However, 55% of the IT decision makers surveyed agreed that training employees in best practices is the most important factor when it comes to prevention of email fraud. Some of the best practices include use of strong passwords, use of two-factor authentication and implementing antivirus/anti-malware software to scan emails. While the email scams leveraging coronavirus are new, the same security measures still apply.