Articles about Email

The last six months has seen a 341 percent increase in malicious emails, including an alarming spike in phishing, BEC, and other message-based attacks fueled by the continued growth of generative AI.

The latest State of Phishing Report from SlashNext finds that since the launch of ChatGPT in November 2022, there has been a 4,151 percent increase in malicious emails sent.

Continue reading →

Over the last few months, there have been numerous complaints from users of Microsoft Outlook that they are unable to reply to encrypted emails. An error message that reads "Microsoft Outlook was not able to create a message with restricted permission" is displayed.

While Microsoft has acknowledged the issue in the desktop email client, the company is yet to fix it properly. There is, however, a temporary workaround that can be used to make it possible to reply to encrypted emails.

Continue reading →

The latest Email Threat Trends report from VIPRE Security Group identifies the US as the top source of spam emails globally, followed by the UK, Ireland, and Japan. The US, UK, and Canada are the top three countries most subjected to email-based attacks.

Looking at targets, the manufacturing, government, and IT sectors are the most attacked by malicious actors. In Q1 2024, the manufacturing sector suffered 43 percent of email-based attacks, with government (15 percent) and IT (11 percent) trailing well behind. This is a change from Q1 2023, when attackers targeted the financial (25 percent), healthcare (22 percent), and education (15 percent) sectors most often.

Continue reading →

Since the launch of ChatGPT there has been a surge in the number of phishing emails as AI makes it easier to create convincing lures.

Email security specialist SlashNext is fighting AI with AI thanks to the launch of a new generative AI large language model (LLM) to deliver accuracy and precision in spam detection, with claimed near-zero false positive rates.

Continue reading →

Most incidents of phishing or spoofing on smartphones still happen via email, according to MEF's (Mobile Ecosystem Forum) 9th Annual Trust Study.

The report shows 52 percent of users reporting personal experience of data harm via this channel. Surprisingly, 39 percent of those users still took no preventative measures to protect their online data.

Continue reading →

One of the most common forms of cyberattack is credential stuffing, using exposed details on different sites to exploit the fact that people frequently reuse passwords.

Proton Mail is introducing a new Dark Web Monitoring feature that will alert customers if their credentials are exposed on the dark web, where stolen emails and credentials get bought and sold.

Continue reading →

The automotive industry has become a popular target for business email compromise and vendor email compromise attacks, according to new research from Abnormal Security.

Between September 2023 and February 2024, BEC attacks against businesses in the automotive industry increased by 70.5 percent. Over the same period 63 percent of Abnormal Security customers in the automotive industry experienced at least one VEC attack.

Continue reading →

Microsoft 365 is the default software in SMEs, and understandably. The software offers a comprehensive set of productivity tools; flexible, scalable, and affordable licensing options, and compliance and security capabilities. However, given the ever-growing and persistent threat of cyberattacks, for email security, the standard security safeguards offered are insufficient.

Analysis of over 1 billion emails worldwide shows that emails are the preferred vehicle of cybercriminals. Email-delivered malware remains a favorite, increasing by 276 percent between January and December of last year. Additionally, attachments are growing as a threat. In Q4 of 2023, EML attachments increased 10-fold. Criminals are sending malicious payloads via EML files because they get overlooked when attached to the actual phishing email, which comes out clean.

Continue reading →

Despite them being widely publicized, Google and Yahoo's new email rules still risk catching out many businesses.

New research from EasyDMARC finds that, despite the email providers warning customers that failure to implement the DMARC security standard could lead to diminishing email deliverability, only 37 percent of IT decision-makers have rolled out the security measure.

Continue reading →

Detections for malicious email forwarding rules have risen by nearly 600 percent in 2023, as adversaries compromised email accounts, redirected sensitive communications to archive folders and other places users are unlikely to look, and attempted to modify payroll or wire transfer destinations, re-routing money into the criminal’s account.

This is one of the findings in the latest Threat Detection Report from Red Canary. Half of the threats in top 10 leverage malvertising and/or SEO poisoning, occasionally leading to more serious payloads like ransomware precursors that could lead to a serious attack if not detected.

Continue reading →

According to a new report, 74 percent of all cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.

More than two-thirds believe employees are putting the organization at risk through the misuse of email, oversharing company information on social media, and careless web browsing. This highlights the need for staff to receive better training on the risks.

Continue reading →

New research from email security provider EasyDMARC finds that 25 percent of e-commerce retailers expect to see a notable drop in email deliverability following Yahoo and Google's email authentication policy changes.

Both Google's sender guidelines and Yahoo's sender requirements and recommendations have stated that failure to comply with the new sending standards could negatively impact email delivery. For e-commerce providers that rely on email as a marketing and customer communications channel, these measures could negatively impact customer engagement and sales.

Continue reading →

A new report from Cofense based on data from its Phishing Detection Center identifies over 1.5 million malicious emails bypassing customers' secure email gateways (SEGs), a 37 percent increase in threats compared to 2022.

The report shows that SEGs struggle to keep pace with sophisticated phishing campaigns and that relying on 'good enough' email security is no longer an option for most enterprises.

Continue reading →

Phishing is the most common form of cyberattack as criminals seek to obtain credentials to access bank accounts or corporate networks.

Abnormal Security has analyzed which phishing attacks generate the highest click rate and categorized them based on the words included in the subject line.

Continue reading →

New research from Cofense reveals the most common phishing themes of last year, which offer insight into the threat actor's intentions.

Information analyzed to determine the theme includes the brand being spoofed, any attachment names, rendered attachments in the case of documents or HTML files, and the email body content, plus of course the subject.

Continue reading →