Cyber-Attacks on Nonprofits Surge as Email Threats Skyrocket

Nonprofits are facing an alarming rise in cyber-attacks, with email-based threats jumping by 35.2% in the past year. According to a report by Abnormal Security, limited cybersecurity resources and high-trust environments make these organizations prime targets for phishing scams, business email compromise (BEC), and vendor email compromise (VEC) attacks. Cybercriminals exploit these weaknesses to steal donor data, redirect funds, and compromise internal communications.

Credential phishing has surged by 50.4%, allowing attackers to access donor databases and commit financial fraud, while malware attacks have increased by 26.2%, often disguised as invoices or grant approvals. A recent high-profile attack on Ascension, a major nonprofit health system, resulted in a ransomware infection that disrupted hospital operations and delayed patient care.

Nonprofits, often lacking the resources to recover from such incidents, are particularly vulnerable. To combat these threats, experts recommend AI-powered email security solutions that use behavioral analysis to detect and block sophisticated cyber-attacks. As digital fundraising and online collaboration expand, strengthening cybersecurity is crucial to protecting donor trust and ensuring nonprofits can continue their mission without disruption.
Source Info-security.