Email security trends were analyzed in a recent report by At-Bay. One finding from the report shows that email incidents increased in the U.S. in 2023, with the frequency of email claims jumping by nearly 25%.
Larger companies, with annual revenue greater than $100M, saw the highest overall increase in frequency, experiencing three times more email claims than companies under $25M. The three top most targeted industries for email crime in 2023 and the first half of 2024: Manufacturing, Finance, and Law Firms.
Financial fraud was the most common cybercrime committed over email, accounting for three of five email claims in 2023 (61%), worsening to more than two-thirds (72%) in the first half of 2024. In three of four cases (75%), these incidents occurred with a vendor or partner the business already had a relationship with. The average amount of funds stolen in a financial fraud incident was $219K. In the most severe cases, threat actors stole more than $5M. The real estate industry saw the worst financial fraud cases with an average stolen funds amount of $434K.
Threat actors aren’t always after cash — they’re fraudulently redirecting goods. According to the report, 4.5% of the incidents analyzed involved goods delivered to a threat actor without payment, spanning everything from Christmas decorations, to beauty products and paper towels.
The report also compares the impact these attacks had on various organizations in the last year. According to the report, Google Workspace customers experienced 54% fewer incidents compared to the average. This was an improvement from last year, where businesses that used Google saw 41% fewer claims. Businesses using Microsoft 365 had a relative claims frequency 45% higher than the overall average, seeing worse overall outcomes compared to last year’s report.
In 2023, Google Workspace customers experienced 3X fewer cyber insurance claims compared to Microsoft 365 customers, further widening the gap since 2022, where Google Workspace customers experienced 2X fewer incidents than Microsoft 365.
Businesses using Mimecast for their email security experienced 37% fewer incidents than the average, according to the report. This was the lowest claims frequency of the six email security providers analyzed and marks the second year in a row that Mimecast has topped the list. Customers using Intermedia, Barracuda, Appriver, and Sophos all saw higher email claims frequency than the average, all worsening compared with 2023.
