Abnormal’s Q2 BEC Report Uncovers Ongoing, Accelerated Trends in Pandemic-related Email Security Attacks

Earlier this year, we released our first Quarterly Business Email Compromise (BEC) Report for Q1 2020. Since then, we’ve continued to monitor trends in how attackers use email to target enterprises and organizations, helping us better understand how and why these attacks happen. Today, we’ve released our Q2 2020 BEC Report, which highlights the continuation of COVID-19-related attacks, growing BEC attack volumes, the acceleration of payment and invoice fraud and important shifts in pandemic-influenced brand impersonations.

What we’ve learned is that cybercriminals are moving at the same pace of our changing world – leveraging workplace upheaval and exploiting businesses’ weakest links – such as vendor and partner relationships. This has led to increased BEC attacks that are more sophisticated and targeted than any we’ve seen previously. Here are some of our major findings:

  1. COVID-19-themed email attacks peaked and plateaued mid-quarter 
    Mirroring the surge of the initial coronavirus outbreak itself, we observed a significant spike in COVID-19-themed attacks that started in late Q1. Attack volume peaked in the third and fourth week of April before plateauing and returning to mid-March levels. Overall, weekly campaign volume increased 389% from Q1 to Q2 and COVID-19-themed credential phishing attacks increased 195% during this same period. For the first time, we detected a surge in payment and invoice fraud related to the pandemic. 
  1. BEC attack volume per company is increasing
    Q2 2020 saw a surge in BEC attack volume with the number of BEC attacks per company increasing by 11% as hackers took advantage of new work-from-home scenarios. 
  1. Payment and invoice fraud growth accelerates
    The growth in payment and invoice fraud accelerated in Q2, with attacks increasing 112% over Q1 (as compared to a 75% growth rate from Q4 2019 to Q1 2020).
  1. Attackers continue shifting from C-suite to vendor and finance targets 
    The rate of BEC attacks targeting employees in finance departments increased by 50% in Q2, aligning with the continued increase in payment and invoice fraud attacks.
  1. The most impersonated brands map to the pandemic-influenced zeitgeist
    Zoom supplanted American Express as the number one impersonated brand in email attacks, followed by Amazon and DHL.

We’ll continue to keep an eye on these quarterly trends, and expect that in Q3 we’ll see a downward trend in COVID-19-related attacks and an increase in election-themed attacks, along with the continued rise in BEC, which we know is the most expensive and damaging form of email security attacks. To learn more about how your organization can protect against BEC, contact us for a free demo of how Abnormal can help. For a free copy of the Q2 BEC Report, click here.

Related content