The email was invented nearly five decades ago (48 actually). But that does not mean it has remained stagnant. On the contrary, it has evolved countless times since 1972 until this day.
We have seen new email providers come into the picture, said goodbye to many along the way, and welcomed new features that made email faster, more convenient, secure, and anonymous.
Security wasn’t so much an issue in the early days of email, but with the rise of cybersecurity threats, it’s more so today than ever.
For example, in its State of Email Security in 2020: More Spam, Malware, Phishing & Ransomware Ahead report, digital security company Fortinet states that:
“Even after an organization’s existing email security solution did its best to filter out malicious or risky traffic, our email analytics found that 1 in 3,000 messages still contained malware, including ransomware.”
Fortinet continues that for an organization with 100 employees, where each employee receives, on average, 121 emails daily, according to Campaign Monitor, there will be at least 4 malware-infected emails.
With that in mind, it is important to know what is going on in email security to respond to those threats adequately.
Biggest Secure Business Email Trends in 2020
Here are our top 7 secure business email trends to watch out for in 2020.
- Phishing vs 2FA
Two-factor authentication, or 2FA, often gets hailed as the long-awaited solution to secure our login information. At the very least, it seems to work against automated bot hacks.
However, as we have seen time and again with every security solution so far, it was only a matter of time before scammers and hackers found a way to circumvent it.
And they are doing that not through complicated codes and algorithms but social engineering. More specifically, phishing.
This way, scammers can fool their victims into giving them one-time passcodes from their SMS messages during the 2FA process. This was how hackers bypassed Gmail’s 2FA at scale back in 2018, for example.
- More Businesses will be Targeted for Phishing
We will likely see fewer malware attacks in the future, but phishing and other social engineering ploys will happen at a larger scale and will cover more businesses than before.
Moreover, the threat won’t come just from criminal organizations but more and more from foreign threat actors, including China and Russia, especially during elections.
- Vendor Email Compromise will Become the Number One Email Security Threat
According to the Financial Crime Enforcement Network (FinCEN), the average number of reported BEC (Business Email Compromise) in 2018 was 1,100, whereas it was 500 two years prior. (via PYMNTS)
In 2020, VEC, or Vendor Email Compromise, surfaced as the favorite of email hackers and scammers targeting businesses.
How does VEC work?
In this attack, hackers take over enterprise email accounts (by whatever means), but don’t take action yet. Instead, they lie in wait, monitoring the communications. They impersonate legitimate entities throughout the supply chain when they have enough information.
- BEC Sees New Players
Speaking of the Business Email Compromise, 2020 and beyond will see new threat actors emerge.
In particular, West African cybercrime groups (Nigeria in particular), will be joined by Russian and East European rings with their own devastating BEC attacks.
- Genetic Research and Healthcare Companies Will be Rich Targets
Cyberthreat actors are always looking for easy targets that are rich in data. If those targets are also relatively easy, that’s a win-win for the bad boys.
Well, cybercriminals have found such targets in genetic and healthcare companies. They will increasingly try to get into their databases to get away with the data, including patient family heritage, medical records, and more.
- Ransomware Attacks will become More Precise
With many reports of ransomware declining in recent years, you’ll be forgiven for thinking it won’t pose a problem anymore. Overall, phishing, for instance, was down 42% in 2019, according to the 2020 SonicWall Cyber Threat Report.
The truth is that ransomware is still pretty much a threat, but attacks are becoming more surgical and have bigger consequences. For instance, the average ransom almost doubled between 2018 and 2020 from $4,300 to $8,100.
- Price of Phishing Kits Increase
Today, you can get a full phishing kit with zip files, PHD files, HTML, images, and more online. The good news is that the price of phishing kits has increased from $122 on average (2018) to $304 (2019).
The bad news is that there are now more sellers and the year-on-year number of phishing kit sellers increased by $120% between 2018 and 2019.
Conclusion
These trends don’t paint a very nice picture of the future of email security. However, they more than emphasize the ever-growing need for secure business email providers that can protect organizations from hackers, scammers, and other cyber threats.
In many ways, the email’s openness is the problem here. Employing a more secure anonymous email would deter many of these threat actors.
Of course, security begins with the employees or users. If they don’t know how to send a document over the Internet securely, they are making it that much easier for cybercriminals.
Keila is a secure, anonymous email provider that brings many security features to the battle against email threats, including phishing protection mechanisms, 100% audited open-source code, Zero-Knowledge Password Protection, and more.