Impersonation Phishing Attacks Up 67% in Last 12 Months

Social engineering attacks using impersonation tactics increased by 67% over the past twelve months, according to Mimecast’s annual State of Email Security report. Mimecast surveyed more than a thousand organizations around the world and found that 94% of them had been targeted by phishing attacks in the past year. More than half of the organizations said these attacks were increasing, and 41% observed a rise in internal malicious emails due to compromised accounts.

The spike in impersonation attacks is the report’s most striking finding. These attacks can be highly targeted, as in the case of business email compromise scams. They can also use the branding of well-known companies and services to increase the efficiency of widespread phishing campaigns. Of the organizations who were affected by impersonation attacks, 73% experienced losses of customers, money, or data.

Mimecast’s press release states that “social engineering attacks are a rising concern for organizations because they’re often one of the most difficult to control.” As security technologies get better at blocking automated phishing campaigns and off-the-shelf malware, attackers are increasingly relying on social engineering to make their attacks more effective.