Most Security Pros Have Seen Attack Emails In Their Inbox: Study

Perhaps this is no surprise, but security professionals are more likely than others to spot email threats — 84% see them versus 33.9% of laypeople, according to 2018 Email Security: Trends, Challenges and Benchmarks, a study by GreatHorn.

Overall, 40% of those polled see email threats — phishing, spoofing, malware and viruses — in their inboxes on a weekly basis, and 15.8% experience them daily despite the security mechanisms in place.

But, again, the professionals are more likely to see them at these frequencies — 23% view them daily and 34% see them weekly. Around 15% of all groups see such threats monthly.

GreatHorn surveyed 295 professionals, 61% of whom are security pros and the remainder lay people, defined as those not involved in email. Only 8% of that group see threats daily, and 12.6% weekly.

Impersonation emails appear to be the most successful attacks. Sixty-three percent of the security pros have seen them bypass their email security tools and make it into the inbox and overall, 45.8% have seen these attacks in their inboxes.

The second most prevalent threat is business service spoofing (seen by 42% of the security pros), followed by wire transfers (38.7%), credential theft (34.3%) and payload/malware (33.1%). Again, laypeople are much less likely to have seen these.

People who are dissatisfied with their email security solutions are more likely to see bad emails getting through. Seventy-six percent have experienced impersonations, followed by 66% who have experienced spoofing, 57% who have had payload/malware and 57% who have dealt with credential theft.

What worries them most? Impersonation attacks (27.5%), credential theft (24.7%) and payload attacks (22.5%). Smaller percentages sweat about spam/graymail, business services spoofing and wire transfer requests.

What are companies doing to fight attacks? The following methods are in place:

Native platform features such as those n G-Suite and Office 365 — 55.4%

User awareness and training — 55.4%

Firewalls — 54.3%

Secure email gateway (e.g., Mimecast, Proofpoint, Barracuda, etc. )— 53.1%

Stand-alone anti-virus/anti-spam solution — 48%

Add-on platform features (e.g., Advanced Threat Protection, Exchange Online Protection, etc.) — 37.7%

Nothing — 1.1%

Other — 3.4%

The study also found that on-premise companies are 1.9 times more likely to use a secure email gateway than companies that use cloud email. However, 46.1% are “less than satisfied” with their current email security solution. Only 10.1% very satisfied. Among those in senior roles, 19.7% are dissatisfied vs. 11.8% of the general population.

Next story loading loading..