Articles about Email

The “summary cards” feature of Gmail is not new; it is Google’s way of helping to make your emails easier to manage, consolidating information about, for instance, purchases you’ve made. Now things are being updated with live updates and “action buttons”.

Across four categories -- purchases, events, bills and travel -- summary cards provide at-a-glance information at the top of your emails. The new actions buttons make it possible to quickly add entries to Google Calendar or Google Tasks so you don’t forget important events, but there is much more to the update, including a Happening Soon section.

Continue reading →

It is estimated that people make 35,000 decisions every day -- or, to break that number down, one decision every two seconds. That’s not to say that each decision has a big impact, most are small and often instinctive, like taking a sip of coffee, turning the work laptop on, and clicking a hyperlink in an email.

In fact, it is that instinctive use of email that can lead to cyberattacks and data breaches. Email is the backbone of business communication. Despite remote and hybrid work driving the adoption of messaging apps and video conferencing, four out of five employees say email is their preferred way to communicate.

Continue reading →

A new survey of IT and security leaders working within critical infrastructure industries reveals that 80 percent of organizations experienced an email-related security breach over the past year, and 63.3 percent of respondents say their email security approach needs to be improved.

The report from infrastructure protection company OPSWAT based on a study by Osterman Research finds that despite advancements in cybersecurity, 48 percent of organizations lack confidence in their existing email security defenses, leaving them vulnerable to potentially devastating cyberattacks.

Continue reading →

Because email is the primary source of initial entry in many breaches, many organizations pay for sophisticated, third-party email filtering solutions on top of the protections afforded by Microsoft 365. This is a wise investment; having layers of protection by different vendors helps eliminate blind spots found in any one vendor solution and provides complexity that can foil attack attempts.

Yet, few know that threat actors can easily bypass these third-party filtering products by directing emails to onmicrosoft.com domains that are an inherent part of the Microsoft 365 configuration.

Continue reading →

Although it dates back to the very early days of the internet, email remains a vital communications channel for businesses. But it also continues to present security challenges.

A new report from Abnormal Security reveals a 350 percent year-on-year growth in file-sharing phishing attacks, while business email compromise attacks (BEC) have grown over 50 percent from the second half of 2023 to the first half of 2024.

Continue reading →

Phishing remains a significant threat to organizations. A new report from Darktrace shows 17.8 million phishing emails detected across its customer fleet between December 21, 2023, and July 5, 2024. Alarmingly, 62 percent of these emails successfully bypassed DMARC checks.

Cybercriminals are embracing more sophisticated tactics, techniques and procedures designed to evade traditional security parameters.

Continue reading →

Almost half (49 percent) of all detected spam emails are attributed to business email compromise (BEC) scams, with the CEO, followed by HR and IT, being the most common targets according to a new report.

The research from VIPRE Security Group puts a more sinister complexion on this trend, revealing that a full 40 percent of the BEC emails uncovered were AI-generated, and in some instances, AI likely created the entire message.

Continue reading →

Of course all companies are vulnerable to email threats, but analysis by Barracuda of targeted email attacks over the past year, reveals that organizations are vulnerable in different ways, according to their size.

Lateral phishing -- where attacks are sent to mailboxes across the organization from an already compromised internal account -- makes up just under half (42 percent) of targeted email threats against organizations with 2,000 employees or more, but just two percent of attacks against companies with up to 100 employees.

Continue reading →

New email rules from major providers mean that businesses need to adopt the DMARC standard in order to ensure that their emails get delivered.

But while the new rules have received a good deal of publicity there hasn't been much attention paid to those not running their own mail server and relying on a third-party mail services.

Continue reading →

Email security tools such as Secure Email Gateways (SEGs) often encode URLs that are embedded in emails. This enables the security appliance to scan the URL before the recipient visits the website.

But when SEGs detect URLs in emails that have already been SEG encoded they don't scan the URL. A new report from Cofense reveals that threat actors are making use of this to avoid detection.

Continue reading →

Mozilla has unveiled Thunderbird 128.0, around a year to the day after the last major release of its email client. Thunderbird 128.0, codenamed Nebula, isn’t just a major new release in its own right, it also heralds a new era for Thunderbird.

Going forward, Thunderbird will adopt the same monthly-release cycle as Firefox, its browser sibling. As a result, Thunderbird 128.0 comes in two major flavors: regular release, and ESR for those who prefer less frequent major updates.

Continue reading →

Cybercriminals are abusing legitimate URL protection services to hide malicious URLs in phishing emails, according to a new Threat Spotlight from Barracuda Networks.

Researchers have observed phishing attacks taking advantage of three different URL protection services to mask their phishing URLs. The services are provided by trusted, legitimate brands. To date, these attacks have targeted hundreds of companies.

Continue reading →

Only 61 percent of manufacturing businesses have adopted DMARC, with 19 percent of the total manufacturers analyzed having adopted the most stringent 'p=reject' DMARC policy.

New research from email security provider EasyDMARC, which surveyed almost 5,000 global manufacturing companies, finds 43 percent of those with DMARC use a low-security DMARC policy that allows suspicious emails to reach inboxes but enables reporting on such activity.

Continue reading →

In the realm of digital communication, crafting the perfect email is both an art and a science, especially when the goal is to convert that email into a meeting or a tangible outcome. With the advent of Large Language Models (LLMs) like GPT (Generative Pre-trained Transformer), the stakes have been raised, offering unprecedented opportunities for personalization, efficiency, and effectiveness in email outreach. At the heart of this revolution lies a seemingly simple yet profoundly impactful element: the prompt.

A prompt, in the context of LLMs, is more than just a starting point for generating text; it's the steering wheel that guides the AI in a specific direction, ensuring that the output aligns with the sender's intentions, tone, and objectives. The importance of prompts becomes even more pronounced when considering the goal of converting an email into a meeting -- a task that requires precision, personalization, and persuasion. Prompts provide:

Continue reading →

Hardly a week goes by without news of another email-based attack via phishing or Business Email Compromise (BEC) scam. These types of attacks can cause a great deal of damage to infrastructure and an organization’s image, whether it is a large enterprise, a small-medium business (SMB) or even much smaller retailers. The FBI (Federal Bureau of Investigation) reports that the average financial loss per BEC attack is $125,000 and last year estimated the Business Email fraud industry to be valued at a whopping $50 billion.

These attacks are increasingly creative, and typically involve impersonation of someone such as the head of an organization or finance. If someone responds on behalf of the executive, they could unknowingly give away the keys to the kingdom, causing significant losses. With that in mind, let’s review some of the larger email security trends.

Continue reading →