Although it dates back to the early days of the Internet, email remains a vital communications channel for businesses. But it also continues to pose security challenges.

A new report from Abnormal Security found that phishing attacks targeting file sharing increased by 350 percent year-over-year, while business email compromise attacks (BEC) increased by more than 50 percent from the second half of 2023 to the first half of 2024.

Perhaps unsurprisingly, the financial sector is the most frequently targeted by file-sharing attacks, accounting for 14 percent of the total, followed by construction and engineering, and real estate.

“More than 40 percent of our customers are being targeted by a BEC attack every week,” said Mike Britton, Chief Information Security Officer at Abnormal Security. “Business email compromise attacks continue to use a lot of social engineering. The other thing is, it’s not just large organizations. Smaller organizations are increasingly falling victim to BEC attacks, and we’ve seen a 60 percent increase in incidents there.”

The report also shows that 60 percent of file-sharing phishing attacks are sent from legitimate domains. Attackers also use popular platforms such as Dropbox, ShareFile and Docusign to amplify their attacks and gain trust with victims. Only after the target leaves the email environment and comes into contact with the shared file or document are they exposed to the malicious content or payload.

The rise of remote work and larger hybrid workforces has led to a corresponding increase in the use of file-sharing services for business communication and collaboration. Attackers are taking advantage of this to convince people to click on their links.

“I use Dropbox, maybe I use Google in my organization. Even if I don’t, I recognize those names. So if I see a link that’s a Google File share, a Google Drive share, rather than something that’s some random website dot XYZ, my brain is much more likely to click on that or consider that a legitimate site,” Britton added.

Additionally, there has been a slight increase in vendor email compromise (VEC) attacks. This is a high-effort, high-reward strategy that uses social engineering tactics to abuse employee trust. On average, 41 percent of Abnormal customers were targeted by VEC each week between January and June 2024, compared to 37 percent in the second half of 2024.

Britton believes that spotting unusual patterns is the key to defending against these attacks. “You can’t do that without AI. There’s just too much data, too much going on, too many signals to see. That’s part of the other flaw with a lot of the old email solutions. They look at message headers, they look at a limited list of things, and they’re typically looking for indicators of compromise.”

The full report is available on the Abnormal Security website.

Image credit: stevanovicigor/depositphotos.com