Email

Researchers at Check Point have revealed how a sophisticated cybercrime gang managed to trick three UK private equity firms to steal hundreds of thousands of pounds.

The gang, named 'The Florentine Banker,' got away with over £500,000 following a complex business email compromise (BEC) attack.

Email is now the primary form of communication for most people, but a side effect of that is it's also become the primary means of distributing malware and other threats as well as becoming an advertising medium.

Edison Software has announced that this summer it's launching OnMail, which it claims is the first mail service to provide users with full control over what can enter their inboxes.

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a vendor-neutral authentication protocol that allows email domain owners to protect their domains from unauthorized use or spoofing.

A new report from anti-phishing specialist Valimail reveals that as of January 2020, nearly a million (933,973) domains have published DMARC records -- an increase of 70 percent compared to last year, and more than 180 percent growth in the last two years.

At the root of most data breaches is a compromised account, but these can be very hard to identify, often coming to light only after they've been used to steal data.

Email security specialist GreatHorn is launching a biometric solution that effectively identifies compromised accounts and blocks takeover attempts by validating users using their unique typing patterns.

Microsoft launched a limited test of Outlook.com Premium back in 2016. This was a subscription-based service that anyone could sign-up for after the test period ended to gain access to a number of benefits including up to five personalized (custom) email addresses and an ad-free environment.

Outlook.com Premium became available to users from the United States in the same year for an introductory price of $19.99 instead of the regular price of $49.99.

If you prefer to access your email through a desktop client, then Thunderbird is one of the better choices. However, the future of the open source tool has been a little rocky in recent years after the Mozilla Corporation decided to stop supporting it.

However, there’s a lot of love for Thunderbird out there, and it’s managed to survive, and even grow thanks to user donations. And now the email client has found a new home.

Microsoft plans to introduce a new feature to its Outlook on the Web service that provides users with the option to use email aliases when sending messages.

The company added the new feature to the Microsoft 365 Roadmap and lists it as 'under development' currently.

Email is suffering an identity crisis. Email’s core protocols make no provisions for authenticating the identities of senders, which has resulted in a worldwide spearphishing and impersonation epidemic, leading to billions of dollars in monetary losses, security mitigation costs, and brand damage. As a result, email security will be a central theme in the new year, both as a source of threats as well as an increasingly urgent issue for cybersecurity professionals to address.

In 2020, we will see email security prove itself to be a weak link in election security as well as corporate security. At the same time, Domain-based Message Authentication, Reporting and Conformance (DMARC) will gain popularity across several industries, driven both by the need to eliminate domain spoofing, and by the desire for brands to take advantage of Brand Indicators for Message Identification (BIMI), a new standard that requires DMARC. Email authentication works -- but it’s up to domain owners to take advantage of it. Increasingly they will do so, as they realize that a failure to proactively defend their domains can leave them vulnerable to convincing exploits from cybercriminals.

Organizations are being targeted by a mixture of simple, low effort and low-cost attacks along with more sophisticated, targeted campaigns, according to the latest quarterly Threat Intelligence Report from security and compliance specialist Mimecast.

Based on analysis of over 200 billion emails, the report looks at the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. This quarter's report finds that impersonation attacks are on this rise, accounting for 26 percent of total detections -- and now include voice phishing or 'vishing.'

In recent years there has been an explosion in the number of different channels that businesses use to keep in touch with their customers.

But a new study from cloud communications platform Twilio reveals that the newer channels aren't especially popular, with 83 percent of global consumers saying they prefer email when receiving communications from businesses.

Phishing attacks have become commonplace to the point where we almost take them for granted. From the cybercriminal's point of view they are popular because they work.

But what are the origins of phishing and how has it developed? Email security specialist Anavan has put together an infographic looking at the history and future of the threat.

Despite growing adoption of DMARC technology, fewer than 10 percent of enterprise email domains are protected from impersonation according to a new report from Valimail.

Valimail found that 850,000 domains worldwide now have DMARC records, a five times increase since 2016. However, fewer than 17 percent of global DMARC records are at enforcement -- meaning fake emails that appear to come from those domains are still arriving in recipients’ inboxes.

Email is now the preferred communication method for businesses, but this brings with it greater risk of employees leaking data due to errors or deliberate activity.

A survey from data security company Egress shows that of employees who had accidentally shared data almost half (48 percent) say they had been rushing, 30 percent blamed a high-pressure working environment and 29 percent said it happened because they were tired.

People may not be as good as they think they are at spotting phishing scams, according to researchers at the Missouri University of Science and Technology.

Dr Casey Canfield, Missouri S&T assistant professor of engineering management and systems engineering, worked with Carnegie Mellon University colleagues Baruch Fischhoff and Alex Davis on the study, which measures how well people’s confidence in their ability to detect phishing matches with reality.

Inefficient incident response to email attacks is costing businesses billions in losses every year. For many organizations, finding, identifying and removing email threats is a slow and manual process that takes too long and uses too many resources.

Research from Barracuda Networks finds that that, on average, a business takes three and a half hours to remediate an attack, and 11 percent of organizations spend more than six hours on investigation and remediation.