Cybersecurity researchers at Proofpoint spent a week in February monitoring email correspondence received by 3,000 organizations in the UK, US, and Australia. They found that virtually every business (98 percent) was targeted by a malicious email coming from a trusted domain operated by a supplier.
According to Proofpoint, the majority of these attacks did not carry a malicious file, such as malware or ransomware. Instead, they utilized social engineering strategies, targeting distracted, gullible, or overworked employees.
Almost three-quarters (74 percent) of the attacks were phishing or impostor attempts, while less than 30 percent of threats coming from supplier domains carried malware.
Attackers are also utilizing the cloud, leveraging popular collaboration platforms such as Microsoft 365, Google G-Suite, and Dropbox to host or send threats.
Email fraud threats are highly targeted and, when successful, can result in large financial losses. Proofpoint said it managed to stop supplier invoicing fraud attacks that could have seen millions of dollars siphoned from victim organizations.
Earlier this year, the FBI said Business Email Compromise (BEC) and Email Account Compromise (EAC) made up the majority of cybercrime losses in 2020, costing businesses almost $1.9 billion.