Did you know that 80% of security threats start with an email? This means that email security threats are putting your sensitive (read: client!) information at risk—right at this very moment.
As such, protecting your email must be one of your top security goals. Unfortunately, fully managing email security on your own has become an impossibility. As AI matures and threats become more complex, it’s becoming difficult for even seasoned employees to avoid acting on dangerous emails.
To see how challenging it’s becoming to avoid email threats, let’s look back at some examples from the first half of 2023.
One Q2 study, released in July 2023, shows that credential phishing activity increased 85% over Q2 of 2023 compared to Q2 of 2022.
With credential phishing, attackers use compromised accounts to ensure their malicious emails are delivered, as they are using legitimate domains.
Also in July, Microsoft reported that customer email systems had been infiltrated by Chinese hackers. The victims of this espionage activity included US federal agencies.
Consumer Affairs and Trend Micro also identified in July that consumer surveys are being used to steal customer information, including credit card info.
In June, Bleeping Computer covered the current state of business email compromise (BEC), naming false invoicing, attorney impersonation and CEO fraud as some of the tactics used to trick employees into taking dangerous actions.
Note that these techniques often involve research about recipients and are meant to be highly personalized.
According to Vipre’s Email Threat Trends Q1 2023 report, vendor impersonation threats were common over the first quarter of 2023, with one in every four emails being part of a phishing campaign. These campaigns often involved vendors that consumers knew about or were using solutions from.
Microsoft was the most impersonated vendor in Q1 of 2023, with attackers using malicious links and attachments to gain access to data. The report also notes the use of emails containing malicious Microsoft OneNote attachments as an attack technique.
These threats contain a high level of sophistication, target the victims and appear to come from legitimate vendors.
So, what should you do to protect your firm or small business from these proliferating email threats?
If you don’t have an internal security team, you should choose a trusted partner to deliver comprehensive email security for you.
Whether internal or external, your email security must have the following four capabilities:
Ready to get protected? We can help.
Last quarter, we blocked over 100,000 threats for our Managed Security and Managed Microsoft 365 solution customers.
Recommended for you
Subscribe to Our Blog
Join our mailing list and get all of the latest news delivered straight to your inbox.