The number of attacks targeting business email accounts continued to increase through the second quarter of 2018, particularly for organisations using Microsoft’s Office 365, according to specialist insurer Beazley.
Beazley said that email compromises accounted for roughly 23% of incidents reported to its Beazley Breach Response (BBR) Services team during Q2 2018, although the attacks were broadly distributed across industry sectors.
This form of breach is attractive to hackers because compromising just a single account can provide a platform from which to spear phish within and outside an organisation.
Accordingly, business email compromises have soared in frequency since the beginning of last year, as shown by the graph below, which was included in Beazley’s report.
Business email breaches are potentially very damaging, with costs that can exceed $2 million, but they can also be very easily prevented with the use of two-factor authentication and employee training, and by disabling the ability for third-party applications to access platforms like Office 365.
“Business email compromise attacks are among the more expensive data breaches we see,” said Katherine Keefe, head of BBR Services. “Years of emails often need to be combed through to identify personally identifiable information or protected health information that has been compromised. In the majority of cases, multiple inboxes are compromised.”
In addition to securing a base for spear phishing attacks, hackers can also leverage compromised accounts to request fraudulent wire transfers, redirect an employee’s paycheck, and steal sensitive information within the inbox.
Dasha Tarassenko, Consultant at cybersecurity firm Mandiant, commented: “Phishing emails coming out of the compromised accounts are becoming more targeted and impressively crafted than ever before. They’re not just sending thousands of spam emails. They’re doing reconnaissance within the compromised inbox and then tailoring the next phishing email to the recipient.”