New data from U.K. cyberinsurer Beazley highlights the growing trend of mid-market organizations being the target of social engineering attacks and fraud.
So much emphasis is placed on the threat footprint of enterprise organizations, as well as the unpreparedness of the small business. But rarely does the focus settle on the mid-market. But Beazley’s latest Breach Insights - Q2 2020 zeros in on mid-market trends they’re seeing.
According to the report, attacks on the mid-market are soaring:
- 60% of social engineering attacks reported in Q2 of this year were from the midmarket. This is a 30% increase from Q1.
- The mid-market was the target for 55% of attacks involving instructions to commit fraud, a 129% increase over Q1.
The most targeted industries were healthcare, financial institutions, manufacturing, real estate, and education. Makes sense; these are industries with lots of financial transactions occurring each week – the perfect opportunity for a cybercriminal to commit fraud.
Beazley points out a few ways to help thwart attacks like these:
- Use MFA for everything possible, including “remote access to your email system, your VPN, your ACH system, and other sensitive applications.”
- Verify financial requests out-of-band, using the voice verification and vice-versa (using a known email address) should the request come in via phone.
- Educate employees about these kinds of scams via Security Awareness Training, the tactics used, and how to identify and avoid phishing scams.