Articles about Email

Very rarely in life is certainty guaranteed. Almost every decision we make is made imperfectly, without complete knowledge and based on a gut-checked risk assessment. When it comes to protecting your organization from phishing attacks, this still rings true. Yet, most email security providers still see through a black-and-white lens and act in terms of absolute certainty. As a result, they effectively protect against the known bad, but let unfamiliar threats slip right through.

Employees at every level of your company are making hundreds of email decisions every day -- open this, delete that, respond to this, leave that for tomorrow. With so much inbox noise, a potential phishing email can infiltrate easily -- and can impact an entire organization profoundly.

Continue reading →

In yet another sign that cybercriminals are keen to exploit the current world situation, in the second and third weeks of March business email compromise (BEC) attacks increased more than 430 percent according to email security specialist Abnormal Security.

In the early part of the year attacks on C-Suite executives decreased by 37 percent from Q4 2019 to Q1 2020, while the focus shifted to finance employees, attacks targeting them increasing 87 percent in Q1 2020 against Q4 2019.

Continue reading →

Email is still a favorite attack route for cyber criminals a new study reveals, 77 percent of respondents say they have or are actively rolling out a cyber resilience strategy, yet an astounding 60 percent of respondents believe it is inevitable or likely they will suffer from an email-borne attack in the coming year.

Respondents to the Mimecast survey of more than 1,000 IT decision makers cite other worries as data loss (31 percent), a decrease in employee productivity (31 percent) and business downtime (29 percent) due to a lack of cyber resilience preparedness.

Continue reading →

Email compromise via spoofed domains or compromised accounts is a major problem. But a new cloud platform from Abnormal Security tracks the reputations of an organization's vendors and customers, and improves detection accuracy of advanced social engineering attacks.

VendorBase is a global database that gives organizations the ability to see detailed views of all vendors, including profile information, the VendorBase risk assessment score, explanations on risk scores, a timeline view of relevant email communication and security activity for that vendor.

Continue reading →

A couple of months ago, Google added a new time-saving "search chips" feature to Gmail for G Suite users. These new filtering options make it easier for G Suite customers to search their inboxes using a series of new buttons and menus at the top of Gmail.

Now Google has started to roll out the same feature to non-paying users of Gmail, helping to make life a little easier for anyone who has ever struggled to find things in their inbox.

Continue reading →

Social engineering is one of the most common approaches taken by cybercriminals in order to steal data or get users to install malware.

But a new generation of payload-less attacks is now starting to emerge. How can businesses protect themselves from these threats? We spoke to Evan Reiser, CEO and co-founder of email security specialist Abnormal Security to find out.

Continue reading →

Researchers at Check Point have revealed how a sophisticated cybercrime gang managed to trick three UK private equity firms to steal hundreds of thousands of pounds.

The gang, named 'The Florentine Banker,' got away with over £500,000 following a complex business email compromise (BEC) attack.

Continue reading →

Email is now the primary form of communication for most people, but a side effect of that is it's also become the primary means of distributing malware and other threats as well as becoming an advertising medium.

Edison Software has announced that this summer it's launching OnMail, which it claims is the first mail service to provide users with full control over what can enter their inboxes.

Continue reading →

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a vendor-neutral authentication protocol that allows email domain owners to protect their domains from unauthorized use or spoofing.

A new report from anti-phishing specialist Valimail reveals that as of January 2020, nearly a million (933,973) domains have published DMARC records -- an increase of 70 percent compared to last year, and more than 180 percent growth in the last two years.

Continue reading →

At the root of most data breaches is a compromised account, but these can be very hard to identify, often coming to light only after they've been used to steal data.

Email security specialist GreatHorn is launching a biometric solution that effectively identifies compromised accounts and blocks takeover attempts by validating users using their unique typing patterns.

Continue reading →

Microsoft launched a limited test of Outlook.com Premium back in 2016. This was a subscription-based service that anyone could sign-up for after the test period ended to gain access to a number of benefits including up to five personalized (custom) email addresses and an ad-free environment.

Outlook.com Premium became available to users from the United States in the same year for an introductory price of $19.99 instead of the regular price of $49.99.

Continue reading →

If you prefer to access your email through a desktop client, then Thunderbird is one of the better choices. However, the future of the open source tool has been a little rocky in recent years after the Mozilla Corporation decided to stop supporting it.

However, there’s a lot of love for Thunderbird out there, and it’s managed to survive, and even grow thanks to user donations. And now the email client has found a new home.

Continue reading →

Microsoft plans to introduce a new feature to its Outlook on the Web service that provides users with the option to use email aliases when sending messages.

The company added the new feature to the Microsoft 365 Roadmap and lists it as 'under development' currently.

Continue reading →

Email is suffering an identity crisis. Email’s core protocols make no provisions for authenticating the identities of senders, which has resulted in a worldwide spearphishing and impersonation epidemic, leading to billions of dollars in monetary losses, security mitigation costs, and brand damage. As a result, email security will be a central theme in the new year, both as a source of threats as well as an increasingly urgent issue for cybersecurity professionals to address.

In 2020, we will see email security prove itself to be a weak link in election security as well as corporate security. At the same time, Domain-based Message Authentication, Reporting and Conformance (DMARC) will gain popularity across several industries, driven both by the need to eliminate domain spoofing, and by the desire for brands to take advantage of Brand Indicators for Message Identification (BIMI), a new standard that requires DMARC. Email authentication works -- but it’s up to domain owners to take advantage of it. Increasingly they will do so, as they realize that a failure to proactively defend their domains can leave them vulnerable to convincing exploits from cybercriminals.

Continue reading →

Organizations are being targeted by a mixture of simple, low effort and low-cost attacks along with more sophisticated, targeted campaigns, according to the latest quarterly Threat Intelligence Report from security and compliance specialist Mimecast.

Based on analysis of over 200 billion emails, the report looks at the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. This quarter's report finds that impersonation attacks are on this rise, accounting for 26 percent of total detections -- and now include voice phishing or 'vishing.'

Continue reading →