You’ve heard the statistics…more than 70% of all business users will be provisioned with cloud office applications in the next two years, including email. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivity

Chasing this move, cybercriminals intent on account takeover are evolving their tactics, targeting end users with various identity-deception scams. Their evolving tactics and your defenses against them deserve a closer look.

As email scammers become more sophisticated and cybercriminals expand their tactics, phishing and BEC attacks from compromised email accounts continue to rise in popularity. We’ve seen a 35% increase in attacks launched from compromised accounts in the last six months. This means that email account takeover-based threats are more prevalent than ever before. And since this is the hardest attack type to protect against, these threats are only going to become more dangerous.
 

Want to know how email became the number one attack vector for cybercriminals?

Legacy email security systems are failing, as more enterprises migrate their emails to the cloud and cyber-attacks become more professional and difficult to detect. Companies in all industries and government agencies simply are not moving fast enough to counter the increasingly sophisticated threats like business email compromise (BEC) and account takeover attacks.

The statistics are astounding. Email remains the number one threat vector for data breaches, the point of entry for ninety-four percent of breaches. There is an attack every 39 seconds. Over 30% of phishing messages get opened, and 12% of users click on malicious links.

Cybercriminals have used email to scam more than $13 billion out of organizations since 2013, according to the most recent Internet Crime Report. Phishing is rising by the day, and despite advancing threat-detection technology, the problem is getting worse.

Business email compromise (BEC), phishing, and ransomware are growing ever-more tar

Today, we’re excited to announce a new technology called Agari Continuous Detection and Response (CDR) that will allow customers to go back in time and find latent threats that are sitting in employee inboxes that could lead to data breaches. As Marty McFly would say, ‘“What do you mean go back in time?”

Our recent report on London Blue, the cybercrime network that has amassed a list of 50,000 finance executives targeted for upcoming business email compromise (BEC) scams was alarming. But what makes it worse is that London Blue is not the only group of sophisticated cybercriminals out there.