Abnormal Security Research Shows Employees Open 28% of BEC Attacks

Abnormal Security, a behavioral AI-based security platform, released its H1 2023 Email Threat Report, which examines recent developments in the email threat environment and focuses on the growing risk employees pose to an organization’s cybersecurity.

The Abnormal research found that between July-December, the median open rate for text-based business email compromise (BEC) attacks was nearly 28 percent. Additionally, of the malicious emails that were read, an average of 15 percent were replied to. And while less than one percent of recipients engaged with more than one attack, 36 percent of replies were initiated by employees who had engaged with an earlier attack.

When it comes to email attacks, the odds are stacked against your workforce — and this data show how much. Threat actors increasingly take advantage of social engineering tactics to encourage employees to open malicious emails and fulfill requests like providing login credentials, updating bank account information and paying fraudulent invoices.

Using internal data aggregated over the prior six months, Abnormal’s H1 2023 Email Threat Report explored the rise of business email compromise and the continued popularity of supply chain compromise as an attack strategy. Over the past two halves, BEC attack volume grew by more than 81 percent, and over the past two years, it increased by 175 percent.

Additional findings from the report include:

  • Only 2.1 percent of known attacks are reported to the security team by employees, and 84 percent of employee reports to phishing mailboxes are either safe emails or graymail.
  • Employees in entry-level sales roles with titles like sales associate and sales specialist read and reply to text-based BEC attacks 78 percent of the time.
  • Between the first and second half of 2022, BEC attacks targeting SMB organizations grew by 147 percent.
  • Nearly two-thirds of large enterprises experienced a supply chain compromise attack in the second half of 2022.

“Email is undeniably the most common channel for asynchronous communication. And as our collective dependence on email has increased over the past two years, its popularity as an attack vector has also grown,” said Mike Britton, chief information security officer at Abnormal Security. “One of the biggest challenges with email attacks is that your employees have to be correct every time whereas threat actors only have to be successful once. While educating employees about potential threats can certainly help reduce the risk of them engaging with a malicious email, the most effective way to prevent attacks is by investing in an email security solution that ensures threats are never delivered in the first place.”

As cybercriminals continue to see success, email threats will only increase in volume and sophistication. To stay one step ahead, modern enterprises need a cloud email security solution that blocks attacks before they reach employee inboxes.

Abnormal baselines known-good behavior across your workforce and vendors, and then detects and remediates malicious emails in milliseconds to prevent end-user engagement. By pairing advanced behavioral science with risk-adaptive detection, Abnormal stops the full spectrum of email attacks and eliminates opportunities for employees to make a catastrophic mistake.

For information about these trends and to download the full report, visit: https://abnormalsecurity.com/h1-2023-report or for more information on Abnormal Security, visit abnormalsecurity.com/