Articles about Email

Lookalike domains, crafted to closely resemble authentic domains, enable a wide range of deceptive activities. By sending emails that appear to originate from trusted sources, attackers can effectively conduct a variety of scams from phishing and social engineering attacks to invoice fraud.

A new report from BlueVoyant looks at how cybercriminals encourage their victims to click on lookalike domains, whilst highlighting the critical need for vigilance and proactive measures to counteract these threats.

Continue reading →

Nuances in digital messaging in the workplace are driving miscommunication according to a new study by Adaptavist.

The survey of 1,000 UK knowledge workers finds 'misinterpreting tone or phrasing' comes out as the biggest communication challenge facing workers, cited by almost half (46 percent) of respondents. This is closely followed by different response time expectations (46 percent) and lack of context (31 percent).

Continue reading →

Advanced email attacks on non-profit organizations have surged 35 percent year-on-year according to a new report from Abnormal Security.

Credential phishing attacks on non-profit organizations have escalated by 50.4 percent over the past year too. By stealing login credentials, cybercriminals gain access to internal communications, donor databases, and financial records, allowing them to launch further attacks or sell sensitive information on the dark web.

Continue reading →

A year on from Google and Yahoo implementing stricter requirements for bulk email senders, the rate of DMARC adoption has more than doubled.

A new study from Red Sift, based on the tracking of 72.85 million apex domains, shows the number of organizations adopting DMARC is up 2.32 million as of 18 December 2024.

Continue reading →

New research from the eSentire Threat Response Unit (TRU) shows a shift towards browser-based threats last year as more traditional email malware declines.

Moving onto 2025 the report predicts an increase in politically motivated cyberattacks, with adversaries disrupting the physical infrastructure of the Internet to disrupt internet access. It also expects we’ll see continued growth in ransomware attacks against all industries, abuse of certificate authority, and further increase in browser-based threats to deploy malware.

Continue reading →

Research by Fortinet has uncovered what it terms a 'phish-free' PayPal phishing attack that seeks to trick the unwary into giving up control of their account.

It starts with an email request for payment that appears to come from a valid email address. Click the link and you're taken to a PayPal login page showing a request for payment. This is where it gets clever because if you do login your account gets linked to the address the email was sent to -- not the one you received it on.

Continue reading →

Electronic communication, whether by email or text, is by its very nature pretty instant. So when you receive a new message the temptation is always to respond to it straight away.

The trouble with that is the people you're communicating with come to always expect a quick reply. We spoke to stress management expert Julia Arndt at Peak Performance Method to discover why not responding immediately could well be better for your stress levels.

Continue reading →

There have been rumors circulating for some time that creating an email service to compete against Gmail was on Elon Musk’s to-do list. While concrete details about what it might look like and when it might appear have been elusive, Musk has started to give something of an idea of his vision.

The billionaire has said on multiple occasions, including in the last few days, that X Mail is on the cards, but now he has given a clearer indication of what it might involve. The question is -- are people ready for it?

Continue reading →

Despite the rise of other means of communication email remains the most commonly used. This makes it attractive to cybercriminals as it offers an entry point to businesses and the gateway that employees rely on to do their jobs.

A new report from Abnormal Security highlights the attacks that we’re likely to see in the next year and shows the need for improved defenses, including the use of AI.

Continue reading →

Despite decades of technological advancement, email remains the predominant attack vector for cybercriminals, with estimates suggesting that 80-90 percent of cyberattacks originate through email channels. While the cybersecurity industry has made significant strides in other areas, many businesses continue to rely on outdated email security measures that leave them vulnerable to increasingly sophisticated threats. This protection gap demands immediate attention from IT leaders.

Traditional secure email gateways (SEGs) like Mimecast and Proofpoint have served as the backbone of organizational email security for years. Similar to how traditional firewalls operate at network perimeters, these gateways excel at blocking known threats through signature-based detection and basic filtering rules. However, just as modern network security has evolved beyond simple perimeter defenses, email security requires a more sophisticated approach.

Continue reading →

New research reveals the top five industries most frequently targeted by specifically tailored phishing attacks using either the recipient's name, email address, phone number, or company name.

The study from Cofense using data drawn from the Cofense Intelligence product between Q3 2023 to Q3 2024 shows, unsurprisingly, that finance tops the list, accounting for 15.5 percent of all credential phishing emails where the product redacted information from the subject in order to safeguard the recipient.

Continue reading →

New data from Cofense shows one malicious email bypassing customers' Secure Email Gateways (SEGs) every 45 seconds -- up from every 57 seconds in 2023.

The report also highlights the rapid rise in Remote Access Trojans (RATs) and the evolution of credential phishing techniques that exploit trusted platforms. Remcos RAT emerged as the predominant malware, using methods to bypass SEGs with ease.

Continue reading →

According to a new report, 80 percent of registered web domains that resemble a Global 2000 brand do not actually belong to that brand.

The report from enterprise-class domain registrar CSC shows that of the homoglyph (look-alike fake) domains owned by third parties other than the Global 2000 brand owners, 42 percent have MX records (email exchange records) compared with 40 percent in 2023. These MX records can be used to send phishing emails or to intercept email.

Continue reading →

A new report from Abnormal Security reveals a rise in targeted email compromise attacks on the healthcare sector.

Vendor email compromise (VEC) attacks on the sector have consistently trended upward, recording a 60 percent increase between August 2023 and August 2024. The sector's reliance on long-term vendor relationships is being exploited through VEC, where cybercriminals impersonate trusted vendors to bypass traditional email security and trick employees.

Continue reading →

New research from email security company IRONSCALES finds near-ubiquitous concern surrounding the security implications of deepfakes while only 42 percent of respondents feel very confident about their organization’s ability to defend against deepfake-enabled attacks.

Based on a survey of over 200 IT processionals the report finds 94 percent have some level of concern surrounding deepfakes, and 74 percent say they are 'very concerned.'

Continue reading →