Abnormal Security Quarterly BEC Report Shows How COVID-19 Zeitgeist Permeates Email Cyberattacks on Businesses

August 20, 2020

COVID-19-Themed Attacks, Surging BEC Attack Volumes and Pandemic-influenced Brand Impersonations Top Q2 2020 Email Security Trends

SAN FRANCISCO – August 19, 2020 — Abnormal Security, a leader in protecting large enterprises from Business Email Compromise (BEC) attacks, today released the Abnormal Security Quarterly BEC Report for Q2 2020. Trends in BEC and email security during Q2 2020 included a peaking and plateauing of COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud. The report also reveals that Zoom supplanted American Express as the most impersonated brand in email attacks.

Abnormal’s Quarterly BEC Report for Q1 2020 uncovered surges in COVID-19-themed email security attacks, which continued in Q2, with weekly campaign volume increasing 389% between Q1 and Q2. Abnormal also observed a continued increase in BEC attacks targeting finance department employees over C-level executives, which grew by 50% quarter-over-quarter. Payment and invoice fraud attacks, largely driven by vendor fraud, grew by 112% over the last quarter, spiking at the end of June. For the first time, Abnormal detected a surge in payment and invoice fraud related to the pandemic.

BEC-specific attacks also saw an acceleration of attack campaign volume, growing by 11% over Q2 as hackers took advantage of new work-from-home scenarios. As BEC attacks are highly targeted and sophisticated, designed to dupe key targets with the potential to lead to big payouts, this increase is substantial in nature. The shift to remote work makes employees more susceptible to BEC attacks and gives threat actors the opportunity to apply tactics likely to be successful given these working conditions.

“The pandemic has ignited digital transformation efforts at a breakneck pace and cybercriminals are moving just as fast, taking advantage of a new work-from-home landscape amid great business uncertainty,” said Even Reiser, co-founder and CEO, Abnormal Security. “Keeping pace with change is critical, as attackers have continued to exploit enterprises’ weak links – such as vendor and partner relationships – and are pushing more sophisticated and targeted BEC attacks than we’ve seen previously.”

The Abnormal Security Quarterly BEC report also uncovered changing trends in brand Impersonation attacks, a form of fraud where a bad actor assumes the identity of a trusted or known entity. These attacks tend to follow the zeitgeist, which may help explain why Zoom became the most impersonated brand in Q2 due to its instant popularity and ubiquity. Rounding out the top three were two other brands very much associated with COVID-19 shifts toward e-commerce and delivery: Amazon and DHL. For comparison, the three most impersonated brands in Q1 2020 were American Express, Amazon and iCloud.

“Our analysis of BEC and email security trends in Q3 will certainly prove to be interesting as we expect a downward trend in COVID-19-related attacks, an uptick in attacks related to the 2020 election and a continued rise in BEC, as attackers find success with socially-engineered techniques that evade traditional email security defenses,” said Reiser. “Business leaders need to continue to focus on reviewing email security measures, most importantly examining BEC defenses, to ensure protection against attackers who are gaining steam.”

The Abnormal Security platform protects against targeted attacks by analyzing multiple data sources, including data beyond email. Abnormal Behavior Technology (ABX) uses this rich set of organization-specific data to uniquely drive the Abnormal Identity Model, the Abnormal Relationship Graph and Abnormal Content Analysis. Through this combination, ABX results in exceptional detection efficacy. More than 70% of business email compromise attacks identified through Abnormal Security platform customer deployments were not initially blocked by security email gateway solutions.

Methodology

Deployed as a native integration into the Microsoft Office 365 environment with customers leveraging a wide variety of email security tools, Abnormal Security gathered data and analyzed the types of BEC attacks that slip past traditional defenses.

The Abnormal Quarterly BEC Report for Q2 2020 report is now available for download.

About Abnormal Security

The Abnormal Security cloud email security platform protects enterprises from targeted email attacks. Powered by Abnormal Behavior Technology (ABX), the platform combines the Abnormal Identity Model, the Abnormal Relationship Graph and Abnormal Content Analysis to stop attacks that lead to account takeover, financial damage and organizational mistrust. Through one-click, API-based Office 365 and G Suite integration, Abnormal sets up in minutes, requires no configuration and does not impact email flow. Backed by Greylock Partners, Abnormal Security is based in San Francisco, CA. www.abnormalsecurity.com

Contact:

Allison Stokes
fama PR for Abnormal Security
(617) 986-5010
abnormal@famapr.com

Related News & Press

Usa daily post logo
On a recent Price of Business show, Host Kevin Price interviewed former FBI cyber security expert, Crane Hassold. Crane Hassold is considered the foremost mind in email attacks and serves as Director of Threat Intelligence at Abnormal Security, the leading cloud email security platform.
Read More
The register logo
This summer, Abnormal Security discovered that some of its customers' staff were receiving emails inviting them to install ransomware on a company computer in return for a $1m share of the "profits".
Read More
Digital anarchist logo
Adtech and email security? Abnormal Security CEO Evan Reiser will tell us all about it and how he hopes his company can help. Listen to the podcast to learn more.
Read More
Help net security logo
Abnormal Security announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is an all-in-one email security platform that provides precision against the full spectrum of email attacks.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the sheer amount of marketing noise filling the cyberspace. Buzzwords, acronyms and all sorts are being thrown around manically. A lot of organizations benefit from a marketing focus especially SMBs but this is often prioritized above the technology/product.
Read More
Aix outlook logo
Abnormal Security has announced its Integrated Cloud Email Security (ICES) platform. Unlike other email security platforms, Abnormal ICES provides a single, comprehensive solution for protecting against every kind of email attack. Together with Microsoft 365...
Read More
Cso logo
The damage from executive email account takeovers can run into millions of dollars, as recent examples show. In 2019, Toyota Boshoku Corporation lost $37 million after the information in a payment direction from a third-party was changed...
Read More
Symbol purple 02b
Abnormal Security today announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is the only all-in-one email security platform that provides unparalleled precision against the full spectrum of email attacks.
Read More
Cyber pro podcast logo
Mike shares his insights and experience on the role of the fundamentals of patch management and access management during these highly innovative times in technology.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the advantages of focusing on the problems in cybersecurity without any preconceptions and how this benefits the overall process. This episode is really insightful not just to anyone looking to join the cybersecurity space at any level.
Read More
Cbs chicago 2 logo
If your child’s school gets hacked and their personal information gets stolen, you might never hear about it. CBS 2 found one southwest suburban school district that was targeted.
Read More
Cso logo
Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management, zero-trust, and more.
Read More