Email cyber attacks are nothing new. They have been around in one form or another almost since email was first introduced.
The first recorded instance of a spam email can be traced back to 1978 (the first email was sent in 1970, so just 8 years prior) and it was a message from Digital Equipment Corp (DEC) marketing to every United States west coast-based ARPANET address.
As for phishing, this "popular" type of email cyber attack is a bit younger than spam, but has still been around quite a while. The first phishing dates back to the 1990s as a way for people to access dial-up Internet without paying a fee to AOL (you needed their floppy disk at the time). After 30 days, the AOL free trial would expire and so some users started using fake names, impersonating AOL admins.
The year 2000 saw the beginning of common email cyber attacks as we know them today pretty much. On 4th May, 2000, users around the world started receiving a "love letter" titled "ILOVEYOU" with the message "Kindly check the attached LOVELETTER coming from me" with a cyber attack email attachment that, when opened, introduced a worm to the user's computer.
Email Based Cyber Attacks Today
As you can see, email cyber attacks have been around since its early days and not much has changed except for the fact that scammers and hackers have become more sophisticated in their tactics and that they now have better technology in their hands.
A couple of things did change, however.
First, the motivation for these actions went from wanting a free Internet or testing one's skills to being all about the money. According to Verizon's 2020 Data Breach Investigation Report, 86% of all data breaches are financially motivated.
At the same time, speaking of money, the cost of a breach has been increasing steadily throughout the years. IBM's Cost of a Data Breach Report, for example, says that the average cost of a breach per organization in 2019 was $3.92 million and per compromised or breached record $150.
In other words, cybercriminals are not working for peanuts.
On top of that, we also need to address the industries that are at most risk of an email cyber attack. First of all, no industry is really safe as long as they are online, but there's a distinction between small (up to 250), medium (250-1,000) and large (1,000+) companies and industries.
In the first category (1-250), the most targeted industries, according to Phishing by Industry 2020 Benchmarking Report from KnowBe4 are:
- Healthcare and Pharma
Next, from 250 to 999 category "belongs" to:
- Healthcare and Pharmaceuticals
- Business Services
And finally, the most "at-risk" industries of 1,000+ employees are:
- Healthcare and Pharmaceuticals (again)
Here's how to protect your enterprise from email attacks.
As you can see from the report, the Health and Pharmaceuticals industry is always in the top 3, with always more than 40% of companies in that sector under some cyber-attack or data breach.
The reason for this is that this industry contains perhaps the most sensitive user records such as Social Security numbers, health records and more and these are extremely valuable to cybercriminals.
For instance, SSN alone can cost $2 to $25 per account on the dark web black market, while health and medical records go from $10 to $1,000, according to CNBC.
Cyber Attack Email Examples
Unfortunately, for many people, industry reports are not enough to realize the dangers of email attacks. So, with that in mind, here are the biggest cyber attack email examples that happened in 2020:
In April, the healthcare giant and a Fortune 500 company, Magellan Health suffered a ransomware attack that saw cybercriminals get their hands on 365,000+ patient records. The hackers stole Magellan Health's employees' login credentials, which they then used to conduct an email phishing scheme against the patients and steal their SSN, W-2 info and other sensitive patient information.
Puerto Rico government
No, not even governments are safe from data breaches and email cyber attacks and the Puerto Rico government experienced this first-hand when it suffered two BEC attacks in January, for a total loss of over $4 million. In particular, one industrial development company suffered a $2.6 million loss and another government-owned tourism $1.5 million.
Then, we also have the Marriott hotel chain data breach of March, where hackers were able to recover login credentials of Marriott employees and use them to access data of over 5.2 million guests, including their names, phone numbers, travel info and more.
Use Liverado to Protect Against Email Based Cyber Attacks
Don't wait till your email already gets hacked. By then, it's already too late. Instead, protect your email beforehand from phishing, hacking and other email attacks.
Liverado is a secure and anonymous email service that provides state-of-the-art protection for all your email data so you don't have to fear hackers anymore. We use the best email encryption standards available today to encrypt your email data in transit and at rest (Gmail, for example, encrypts in transit using TLS).
In addition, Liverado also protects you from phishing using an anti-phishing phrase that you can easily set up to alert you of any phishing attempts, while our brute-force proof also protects your email from any brute force attacks.
You can sign up completely anonymously (no SMS phone verification needed and we strip your IP from your emails) for your free or paid Liverado account today and if you are not satisfied, we will return your money in the first 14 days, no questions asked.