Mike Fleck, Senior Director, Sales Engineering at Cyren

Email remains the most popular and successful attack vector in the digital landscape, the reason being because it is simply the most commonly used digital communication channel across the globe. On average, over 330 billion emails are sent every day. The sheer volume-and the fact that almost every employee within an organisation uses email- makes this channel a popular target for potential security threats. Finance organisations use email not only for internal communication but also for customer service interactions and marketing. A banking survey in 2021 showed that over 76.8% of users consider email as the primary channel for communicating with banks. That’s why financial institutions are at the frontline of email-driven security risks.

In order to attain more insight into the email threats targeting the financial sector and the potential remedies, we talked to Mike Fleck at Cyren, a leader in enterprise email security solutions.

1. What do you see as the main reason for the continued increase in successful email threats targeting the financial sector?

Email threats have become much more dynamic over the years.  Although phishing continues to be the most common attack vector in the domain of email threats, the mix of breaches attributed to email attacks has expanded significantly in recent times. In our latest benchmark research, we surveyed 226 organisations that use Microsoft 365 for email. We found that compared to 2019, there was a 71% increase in ransomware-driven email attacks, 44% increase in phishing attacks, and 49% increase in credential compromise attacks. Phishing is no longer the only path for email threats, as attacks are now being driven by multiple sophisticated methods, which evidently leads to more successful threats.

Mike Fleck

The financial sector has always had a red mark on its back to threat actors, mainly because of the highly sensitive information and valuable assets managed by financial organisations. Email serves as the most vulnerable and easily compromised access point for threat actors, which is why the number of email breaches has massively increased over the years. Our research found that the number of email breaches across all organisations has almost doubled each year over the past three years.

Although most organisations are using email client plug-ins for reporting suspicious messages, only 22% of the organisations stated that they analyse all reported messages for malicious content, leaving a major gap in awareness and threat response. Our survey showed that inefficient threat response and a lack of urgency is the most concerning factor for security managers. Threat actors are consciously aware of these shortcomings, which is why they are able to frequently launch successful email attacks targeting the financial sector.

2. Why is the email channel so appealing for fraudsters, and what are the techniques they use to target financial service organisations in this way?

Historically, email has always been the primary channel for business communication, and as businesses continue to attain cloud-based services, email has become a productive norm for file-sharing and communication. Email channels also integrate easily with any cloud application, facilitating businesses to pursue more productive interactions. There is also the fact that email is accessible to most personnel regardless of their technical ability.

This flexibility and continued dependency on email is also the reason why it is an appealing channel for threat actors. Because email channels are integrated with almost every organisation’s platform, breaching an email allows cybercriminals to backtrack into critical network infrastructure and compromise valuable assets. Most threat actors tend to target the user rather than the system, and email channels are used by almost every employee in a financial organisation regardless of their experience, role, technical awareness, or skills. Therefore, targeting emails allow threat actors to utilize a much wider attack surface.

Another major reason is breaching the email channel is far less complex than breaching secured network endpoints and access firewalls. With techniques like social engineering and phishing, threat actors often don’t have to use significant resources or complex methods to breach employee email accounts. Our research showed that phishing is still the most used technique by attackers; 69% of all email breaches were due to phishing attacks. Other frequent techniques were Microsoft 365 credential compromise (60%), malware (59%), and ransomware (51%).

The means of carrying out these attacks are also easily accessible and available to almost anyone. Threat actors can buy a ransomware kit for as low as $66, and phishing kits are available for as little as $20. So, even the most inexperienced attackers can use such tools to exploit the email accounts of users and gain access to the critical resources of financial organisations.

Simply put, email provides a direct and economical path to the weakest point of every organisation’s cybersecurity program – its people.

3. How important is proactive security awareness training when it comes to defending against email attacks?

The previous consensus was that email threats thrive on the user’s lack of awareness. Cybersecurity leaders believed that the “last mile” problem of phishing attacks can be solved if employees are able to detect and avoid fraudulent emails. Frequent awareness training is important to help employees stay up to date on evolving email attacks and identify malicious content or messages more easily. Over 99% of organisations offer awareness training, but only one in seven organisations offer training monthly or more frequently.

The dynamics of the attack vectors and techniques change constantly with the emergence of new technologies and vulnerabilities. Without frequent training, employees won’t develop a conscious awareness of email threats. We found that organisations that offer email awareness training every 90 days or more frequently, are less likely to fall victims to phishing, business email compromise (BEC), and ransomware attempts.

Our research also showed a correlation between frequent training and email reporting frequency. Organisations that offer frequent training also experience a high rate of malicious or suspicious email reports – meaning that employees become more conscious and aware of the potential threats. That’s why frequent proactive awareness training is critical for protecting against email attacks. However, organisations need to appreciate that a higher volume of reported emails will result in a higher number of alerts that Security Operations Centre analysts must investigate.

4. What are the steps you would recommend financial organisations take to implement effective inbox security solutions that bolster their cyber resiliency immediately?

Financial organisations need to act quickly when responding to a potential threat, as even a fractional security breach can cause unprecedented damage to its assets. Organisations are beginning to realise that employees fall victim to these scams because they are busy and distracted – not because they are apathetic or gullible. Also, relying on employees to spot and report suspicious messages is not a complete or efficient solution to the problem. Employees do not consistently report every threat, and what alerts they do generate have a false positive rate of at least 41%. In addition to constant awareness training, organisations must incorporate effective inbox security solutions to increase their cyber resiliency.

When implementing effective inbox security solutions, financial organisations must consider the response and reporting time.  They must choose solutions that can detect threats in real time and automate the response to those threats for quick remediation.

An effective approach for financial leaders is to invest in automated solutions that can detect and remove social engineering threats in real time. Automated inbox security solutions can continuously scan inbound and outbound email folders, including their contents such as URLs and web pages. Such solutions can detect and report anomalies, resulting in real-time detection. Automated threat response solutions can strengthen the built-in security capabilities of the email gateway, such as Microsoft 365 Defender. Combining automated solutions with the existing threat response framework can optimise the response process and significantly reduce the time and cost of threat investigation.

By Andrew Scargill, Logistics Operations EMEA at Digital River

Caught between the chaos of coronavirus and fallout from Brexit, international supply chains are under serious strain. Add into the mix a global labour shortage that shows no sign of abating, and the cross-border flow of goods is set to get even trickier.

As economies reopen post-pandemic, employers across all sectors are struggling to fill vacancies. The residual consequences of COVID-19 are a big part of this — the public health emergency has fundamentally altered how and where people want to work. Britain’s departure from the European Union is also a factor, with UK companies unable to freely draw on the continent’s vast workforce like before.

Such is the interconnected nature of global commerce, upsets in one market can be felt thousands of miles away. And so, lacking the staff to pick, pack, load, and deliver their products, businesses around the world are facing a festive season that’s far from jolly.

Keeping up with demand

As brands navigate these colossal challenges, they are also working to meet customer demand that saw unprecedented growth as the pandemic took hold and continues to rise.

Last year, as lockdowns were called and public life retreated behind closed doors, shoppers took to the internet like never before. A peripheral interest for many people prior to the pandemic, eCommerce was suddenly a necessary part of everyday life.

Shoppers have grown accustomed to rock-bottom prices and next-day delivery. This raises the obvious question: can supply chains continue to meet customer expectations amid an era of unprecedented disruption?

The answer is yes — but it’ll require some serious investment in innovative new technologies, and it could come with a cost shoppers and brands aren’t willing to pay.

Robots to the rescue?  

The merits of AI and machine learning are well documented: smart systems can speed up menial tasks, reduce the risk of human error, drive higher levels of productivity, and help businesses bolster their bottom lines.

There is, however, a human cost to the advance of automation, with fewer paying positions for real people. This is particularly pronounced in key supply chain sectors, such as warehousing.

Today, storage and distribution facilities are huge providers of jobs — but tomorrow, that may not be the case. So-called ‘dark warehouses’, great fulfilment centres staffed by semi-autonomous robots, are developing fast.

Whereas human workers require power-hungry lights to operate, machines can pick and pack products perfectly well in the dark, allowing this new breed of warehouse to run twenty-four hours a day, seven days a week.

Customers’ call

Such a continuous operation would offer clear commercial benefits. But what of the warehouse’s human workforce?

That, ultimately, is a question that companies must address with guidance from their customers. While shoppers want that last minute late-night order delivered the very next day, they are increasingly concerned about company values, including how an employer treats its staff.

If customers are truly worried about robots taking workers’ jobs, they would have to commit to paying a little more or waiting a little longer for delivery from a brand committed to human employees. That is assuming shoppers are even aware of what level of automation is involved in fulfilling their order.

Customer demands are directing how companies adopt new supply chain technologies, with those that improve service and provide a better buying experience coming out on top.

To really tap into the needs and wants of their customers, businesses must leverage data in a meaningful way. This means utilising data mining tools that can help predict buying patterns, allowing brands to finesse supply chains so that the right products are in the right place at the right time. Attention to creating more efficiencies in supply chain through data and automation could lead to more jobs in engineering, design, management and repair.

Get this right, and businesses will have their customers on board as they explore new supply chain technologies and the potential of automation.