Findings from an Osterman Research survey show that account takeover based (ATO) attacks are increasing and impacted 44 percent of surveyed businesses in the past 12 months.
The survey of 140 organizations with an average of over 16,821 email users, conducted on behalf of Agari, informs the newly published ‘Protecting Against Account Takeover Based Email Attacks,’ report which claims that observed account takeover-based email attacks more than double month-over-month. Attacks launched from compromised accounts evade traditional detection because they come from a previously-established credible sender.
Account takeover based attacks evade traditional email security solutions, such as secure email gateways (SEGs), because they are sent from established email accounts – no domain name spoofing or display name deception is required. Previously, Agari research has demonstrated that SEGs are unable to detect business email compromise (BEC) because there is no malicious payload involved. Consequently, ATO-based BEC attacks present a very high risk to organizations because no security controls can detect them.
“Agari’s research demonstrates what CISOs have suspected for years: traditional email security solutions, such as secure email gateways, based on inspection and reputation are unable to detect advanced email attacks, such as account takeover,” said Ravi Khatod, CEO, Agari. “As criminals have refined their techniques, impersonating and targeting the highest levels of corporate leadership, organizations risk giving away the keys to the kingdom.”