As organizations across the globe continue to work remotely, email remains the go-to attack vector for cybercriminals. According to a new study, over a third of all organizations are being hit by email attacks daily. With the professional community growing increasingly dispersed and distracted, email impersonation is rising rapidly and wreaking havoc in both corporate and personal email inboxes alike.

Email impersonations provide opportunistic fraudsters with the perfect way to exploit human vulnerabilities. Impersonation attacks have infinite variations and each one depends on the target’s quick reactions to emails and misguided trust in surface appearance. Both people and brand impersonation can be quite difficult to detect as they utilize a known contact name and rely on the lack of cyber awareness amongst non-technical recipients.

As email attacks soar, IT decision-makers are boosting remediation efforts as well. According to a study, IT decision-makers need to remediate an email-borne attack daily. These remediation efforts include running PowerShell scripts, suspending compromised email accounts, legal action, resetting compromised application accounts, and more.

Statistics on Email Impersonation in 2020

To determine just how sharply email impersonation along with other email attacks have skyrocketed, a study was conducted on 640 security, c-suite and IT professionals. As per this study:

1. More than 35.1% of respondents ranked impersonation attacks including phishing, whaling, and Business Email Compromise (BEC) as their top email threat in 2020.

2. Around 42% of respondents reported seeing impersonations of reputable brands in their inbox, which is a sharp increase from just 22.4% in 2019.

3. 35.8% of respondents report seeing impersonations, phishing, credential theft, malware, ransomware, spoofing or other email threats in their inbox every day, as compared to 24.3% in 2019.

4. Respondents reveal that they need to remediate at least one email-borne attack daily, marking an increase of 165% from 2019, when only 12.7% reported needing to remediate an email attack every day.

5. 40% of respondents stated that the biggest problem with their existing email security solution is missing payload attacks like malicious attachments and links and malware.

7. With employees working remotely, 34% of IT professionals fear that employees are taking security less seriously due to their relaxed surroundings.
8. 33% IT professionals believe that employees are not sticking to protocol, especially in terms of when it comes to identifying and reporting suspicious activity.

Cybersecurity Tips for Protection against Email Impersonation

Email impersonation is being widely used by cybercriminals to hoodwink employees into giving up confidential information, which can be easily used to gain access to an organization’s private data. With organizations all around the world becoming victims of these attacks, it has become absolutely essential to protect your company against malicious actors. So, here are a few effective cybersecurity tips for preventing email impersonation attacks:

1. Inculcate cybersecurity awareness among employees about the predominant cyber-attack tactics and rudimentary cybersecurity measures they can take to prevent it with training.

2. Implement a Phishing Incident Response Tool such as TPIR and ask your employees to report any suspicious-looking emails.

3. Use standard email security practices by implementing SPF, DKIM, and DMARC to secure your email domain against forgery. This can also defend your customers and employees against email spoofing and brand impersonation.

4. Implement TDMARC to monitor all three of the email authentication protocols to complement the Simple Mail Transfer Protocol (SMTP).

KDMARC: Ultimate Email Security Solution

KDMARC is a GCA-certified outbound email authentication monitoring and anti-spoofing tool. It is a comprehensive email security solution designed to protect your organization against email-based attacks like spoofing, spamming BEC, etc.

It protects your customers and email domain against brand abuse. Moreover, KDMARC helps in boosting email engagement rates and increasing email deliverability. It offers full insight into an organization’s email channel and provides domain owners with full reports about the emails sent through their domain.

This tool delivers a domain summary of up to 3 months to offer complete visibility into the fraudulent and legitimate emails sent using the domain name of your organization. It also gives you insight into the sources trying to forge or misuse your organization’s domain name.