Email Security articles

Phishing emails are often sent out en masse and target people indiscriminately. According to a recent Gone Phishing Report, 7% of users clicked a phishing email in 2022. Of those, 44% submitted credentials in a subsequent online form. As high as these statistics are, spear phishing attacks–a highly targeted form of phishing–are much more successful. According to research by Barracuda, 11% of spear phishing email recipients click the links inside them. Let’s dive into what spear phishing is, why it’s […]

Enterprises are attractive, high-value targets for hackers; and because enterprises often have more employees and a more complicated environment, protecting against phishing and social engineering attacks is even more difficult. The Dropbox breach of late 2022 is a prime example of this weakness. Hackers emailed a large number of Dropbox employees, directing them to a malicious website where their credentials were stolen. This kind of risk is more common than not. According to the 2023 Verizon Data Breach Report, 74% […]

Business Email Compromise (BEC) is a type of email cybercrime in which attackers impersonate the owner of an email account in an effort to defraud a company. The attack, which is increasing in prevalence, often looks to obtain funds or credentials. Global losses from BEC attacks have increased by 17% from December 2021 to December 2022, reports the FBI’s Internet Crime Complaint Center (IC3). From October 2013 to December 2022, the IC3 recorded over $50 billion in global losses due […]

The underlying protocol that handles email sending—SMTP (Simple Mail Transfer Protocol)—is dangerously outdated. Initially developed in 1982, SMTP remains the de facto standard for sending emails because of its simplicity, compatibility, and efficiency. However, SMTP can be easily abused by threat actors. One simple way to do this is to “spoof” email addresses, which is using a fraudulent email address to impersonate a legitimate one. To deal with some of these vulnerabilities, key authentication protocols bolster SMTP and make it […]

According to a study of 35,000 organizations and 12.6 million individuals by KnowBe4, over 33% of users are susceptible to becoming victims of phishing attacks. These attacks often come via phishing emails carrying malicious attachments in the form of .js files, PDFs, excel sheets containing malicious macros, or script files, each of which allows the attacker to execute malicious code. While email security tools often detect these attachments, many still get through, posing a risk to less-trained employees who aren’t […]