Articles about Email

Researchers at Abnormal Security have detected an increase in business email compromise attacks that successfully compromise email accounts despite the use of multi-factor authentication (MFA) and Conditional Access.

This is possible because legacy email protocols, including IMAP, SMTP, MAPI and POP, don't support MFA. In addition many common applications -- such as those used by mobile email clients (for example, iOS Mail for iOS 10 and older) -- don't support modern authentication.

Continue reading →

A new report from email security and cyber resilience company Mimecast, released to coincide with this year's virtual Black Hat conference, reveals that threat actors are motivated by monetary gain more than stealing data or intellectual property.

It also finds that COVID-19 continues to be a major theme in current attacks, especially in certain sectors, and that opportunistic and malware-based campaigns are being launched at volumes never seen before, with manufacturing, retail/wholesale, finance/insurance, and media and publishing being the hardest hit.

Continue reading →

A report released today by email security firm Tessian reveals that 43 percent of US and UK employees have made mistakes resulting in cybersecurity repercussions for themselves or their company.

A quarter of employees confess to clicking on links in a phishing email at work, with distraction cited as a top reason for falling for a phishing scam by 47 percent of employees. This is closely followed by the fact that the email 'looked legitimate' (43 percent), with 41 percent saying the phishing email looked like it came from a senior executive or a well-known brand.

Continue reading →

Mozilla has released Thunderbird 78.0 for Windows, Mac and Linux. It’s the first major update of the popular open-source email client since August 2019, and is only available as a direct download -- existing users of the Thunderbird 68.x series are advised to wait for a future release that will provide an upgrade path.

A host of new and changed features have been implemented, although the long-heralded built-in support for OpenPGP encryption has been disabled by default for now due to some outstanding issues.

Continue reading →

Gmail and numerous other web-based email services have long supported the option of creating disposable email addresses using a +xxx suffix. Now Microsoft is catching up with the competition and is planning to bring this option to Office 365.

The company refers to the upcoming feature as Plus Addressing, and it's due to arrive at some point in the third quarter of this year.

Continue reading →

With increased numbers of people working remotely, a new report reveals that cybercriminals are using email impersonation to prey on the sense of urgency of an increasingly distracted and dispersed workforce.

Email security company GreatHorn has collected data from over 640 security, IT and C-suite professionals to gain a better understanding of new threat vectors and attack strategies. It found almost half of respondents (48.7 percent) report seeing impersonations of people such as colleagues, customers or vendors.

Continue reading →

An update from last month seems to have introduced a bug into the Mail app which is causing problems with Gmail accounts.

The bug causes sent emails to be deleted, meaning there is no way to check past correspondence. While numerous people have used Microsoft Answers to report the issue, Microsoft is yet to acknowledge the problem. There are, however, a couple of workarounds you can try if you are affected.

Continue reading →

Very rarely in life is certainty guaranteed. Almost every decision we make is made imperfectly, without complete knowledge and based on a gut-checked risk assessment. When it comes to protecting your organization from phishing attacks, this still rings true. Yet, most email security providers still see through a black-and-white lens and act in terms of absolute certainty. As a result, they effectively protect against the known bad, but let unfamiliar threats slip right through.

Employees at every level of your company are making hundreds of email decisions every day -- open this, delete that, respond to this, leave that for tomorrow. With so much inbox noise, a potential phishing email can infiltrate easily -- and can impact an entire organization profoundly.

Continue reading →

In yet another sign that cybercriminals are keen to exploit the current world situation, in the second and third weeks of March business email compromise (BEC) attacks increased more than 430 percent according to email security specialist Abnormal Security.

In the early part of the year attacks on C-Suite executives decreased by 37 percent from Q4 2019 to Q1 2020, while the focus shifted to finance employees, attacks targeting them increasing 87 percent in Q1 2020 against Q4 2019.

Continue reading →

Email is still a favorite attack route for cyber criminals a new study reveals, 77 percent of respondents say they have or are actively rolling out a cyber resilience strategy, yet an astounding 60 percent of respondents believe it is inevitable or likely they will suffer from an email-borne attack in the coming year.

Respondents to the Mimecast survey of more than 1,000 IT decision makers cite other worries as data loss (31 percent), a decrease in employee productivity (31 percent) and business downtime (29 percent) due to a lack of cyber resilience preparedness.

Continue reading →

Email compromise via spoofed domains or compromised accounts is a major problem. But a new cloud platform from Abnormal Security tracks the reputations of an organization's vendors and customers, and improves detection accuracy of advanced social engineering attacks.

VendorBase is a global database that gives organizations the ability to see detailed views of all vendors, including profile information, the VendorBase risk assessment score, explanations on risk scores, a timeline view of relevant email communication and security activity for that vendor.

Continue reading →

A couple of months ago, Google added a new time-saving "search chips" feature to Gmail for G Suite users. These new filtering options make it easier for G Suite customers to search their inboxes using a series of new buttons and menus at the top of Gmail.

Now Google has started to roll out the same feature to non-paying users of Gmail, helping to make life a little easier for anyone who has ever struggled to find things in their inbox.

Continue reading →

Social engineering is one of the most common approaches taken by cybercriminals in order to steal data or get users to install malware.

But a new generation of payload-less attacks is now starting to emerge. How can businesses protect themselves from these threats? We spoke to Evan Reiser, CEO and co-founder of email security specialist Abnormal Security to find out.

Continue reading →

Researchers at Check Point have revealed how a sophisticated cybercrime gang managed to trick three UK private equity firms to steal hundreds of thousands of pounds.

The gang, named 'The Florentine Banker,' got away with over £500,000 following a complex business email compromise (BEC) attack.

Continue reading →

Email is now the primary form of communication for most people, but a side effect of that is it's also become the primary means of distributing malware and other threats as well as becoming an advertising medium.

Edison Software has announced that this summer it's launching OnMail, which it claims is the first mail service to provide users with full control over what can enter their inboxes.

Continue reading →