IT leaders consider email fraud to be one of the top security risks wtnessed by businesses in the contempory scenaro, while as many as 60% of them think businesses are exposed to email threats every week accordng to a recent survey.

Hiver, a leading email collaboration solution for teams, conducted a survey among over 100 IT decision-makers across large corporates and startup to understand how organisations in India are coping with email related threats.

In recent months, as IT teams across businesses navigate challenges resulting from COVID-19, email security remains a top priority. Cybercriminals are taking advantage of the discussions around the outbreak and tricking users to click on malicious links or attachments in emails. There continues to be a steady increase in the number of COVID-19-related spear phishing attacks.

The findings showed that companies have become more cognizant of the increasing threat from email fraud, and an astonishing 94% acknowledged that their company is likely to be targeted by email fraud over the next one year. More than 90% CIOs believe their organisations are exposed to email threats at least once a month.

On being asked the key reason behind rising email fraud, 46% respondents claimed that attackers/hackers were becoming more advanced and they were also growing more effective at evading traditional security tools.

A similar percentage of respondents opined that it was because attackers are constantly changing their tactics and given the emergence of new diverse and advanced threats, it is difficult to secure organisations against such unknown threats. For instance, the coronavirus related attacks use common phishing tactics, but are using the pandemic as a hook to scam users and capitalize on the fear and uncertainty of the intended victims.

More than a third of the respondents (36%) said 'spam emails reaching the inboxes', followed by 'credential theft' (sending a fake login page) and 'spoofing' (impersonation of a person or brand) were the biggest risks to email security. One in five respondents had experienced data breach due to an email attack. These include compromised accounts, loss of confidential data, credentials, and fraudulent financial transactions.

The survey revealed that a whoping of 90% IT leaders, rely on technologies and automated tools to secure email and remove threats. When asked about preventive measures being taken to protect the organisation against email fraud, surprisingly hardly any of the respondents mentioned undertaking training of end users to increase awareness of email threats.

However, a good 55% of the IT decision makers surveyed agreed that training employees in best practices is the most important factor when it comes to prevention of email fraud. Some of the best practices include use of strong passwords, use of two-factor authentication and implementing antivirus/anti-malware software to scan emails. While the email scams leveraging Coronavirus are new, the same security measures still apply.

"The survey reveals that email fraud is quite pervasive and despite security measures, continues to rise. The risks are continuously evolving and CIO/CTOs remain concerned about the severity of email threats. Organizations need a multi-layered defense strategy that should include employee training in preventive measures, financial controls to prevent fraud and most importantly, technology and tools to combat the threats of email attacks", said Niraj Ranjan Rout, CEO and Co-founder of Hiver.