Articles about Email

Most of us don't think too much about the 'From' address field on our emails, it's filled in by your mail program or web service. At the recipient's end security tools can check this against the sending server to verify that the mail is legitimate.

But hold on a second, an SMTP relay server between the server and the inbox allows messages through even though the addresses don't match. This is how organizations send out mass mailings without them getting blocked.

Continue reading →

Phishing emails that mention holidays are most likely to entice employees to click, according to security awareness training company KnowBe4.

The Q1 2022 top-clicked phishing report finds successful subjects globally include: 'HR: Change in Holiday Schedule', 'St. Patrick's Day: Employee Behavior/Company Policies', and 'Starbucks: Happy Holidays! Have a drink on us'.

Continue reading →

Credential phishing continues to be the top threat facing organizations, increasing 10 percentage points since 2020, accounting for 67 percent of all phishing emails now observed.

The latest Annual State of Phishing Report from Cofense also reveals that 52 percent of all credential phishing attempts observed by the Cofense Phishing Defense Center (PDC) were branded as Microsoft.

Continue reading →

We all make mistakes from time to time, but a cybersecurity error could cost you your job according to a new report.

The study from email security company Tessian finds almost one in four respondents (21 percent) lost their job as a result of a security mistake that compromised their company’s security -- up from 12 percent in 2020.

Continue reading →

New research by Trustwave SpiderLabs has uncovered a phishing attack that is able to adapt itself to the user's email service in order to trick them into revealing their login credentials.

The attack acts like a chameleon, putting up a fake login page tailored for whatever email service the victim is using. So Gmail users for example will see a different page from Apple, Outlook or Yahoo! Mail users.

Continue reading →

New research from Hornetsecurity finds that 40 percent of all inbound emails pose a potential threat, including spam, phishing and advanced threats such as CEO fraud and any type of malware.

Phishing, malicious links, and ransomware are among the most popular attack tactics used by hackers with brand impersonation being especially popular.

Continue reading →

Adobe Creative Cloud hosts popular apps including Photoshop and Acrobat, it also aids collaboration by allowing users to share documents.

Cybersecurity researchers at Avanan have discovered that hackers are now exploiting these file-sharing services as a phishing attack vector by sending legitimate emails through a trusted sender, bypassing ATP protection via Adobe’s SaaS offering.

Continue reading →

Despite the rising popularity of other communication and collaboration methods like Zoom and Teams, email remains at the core of business correspondence. However, it also remains a popular vehicle for delivering cyberattacks and other unwelcome material.

Secure email company Avanan has produced an infographic looking at email safety.

Continue reading →

Although people are sometimes seen as a weak link in information security, a new report from F-Secure shows that a third of emails that employees report as suspicious are actually phishing.

The finding comes from an analysis of emails reported by employees from organizations around the world, using F-Secure's mail reporting plugin for Office 365, during the first half of 2021.

Continue reading →

We all know the feeling, you're happily working away when an email pings into your inbox, you look at it, you might even answer it, but then you have to refocus back to what you were doing before.

It can be a problem in your personal life too, when quality time with the family is interrupted by business emails. Annoying, isn't it? Well email service OnMail clearly thinks so because it's introducing a new feature that allows you to take designated 'inbox breaks'.

Continue reading →

When iOS 15 is released this fall, users will have access to enhanced Siri capabilities, new ways to personalize their device, helpful improvements to the Find My iPhone/iPad, and several other new features and functionality to play with. But in the worlds of digital privacy and marketing technology, there's one update in particular that has been sending shockwaves up and down the industry.

Companies who care about email marketing have been in a sort of panic mode ever since the full slate of iOS 15 updates was revealed a couple months ago, due to a new feature called Mail Privacy Protection. In what Apple is calling an advancement of its "privacy leadership," the ability to block marketers from tracking the open behavior of their emails is the first step in what could be a cataclysmic shift for the entire spam (I mean, "email marketing") industry.

Continue reading →

Despite the rise of cloud-based collaboration services it's still common for people to exchange information and documents by email. Of course you still need a way of handling larger attachments.

The latest social engineering attack uncovered by Armorblox spoofs a file-sharing notice from the popular WeTransfer platform that's used by individuals and businesses alike.

Continue reading →

DuckDuckGo is a pretty cool company that focuses heavily on privacy. Its claim to fame is its search engine that aims to compete with the likes of Google and Bing, but without tracking you. Believe it or not, its search results are pretty good comparatively, although Google still edges it out.

Over time, DuckDuckGo has launched its own web browser and browser extensions, constantly trying to keep humans safe from the eyes of "Big Tech." And now the company announces its latest creation -- @duck.com email accounts.

Continue reading →

A new email security report from GreatHorn reveals that 30 percent of links received by email lead to malicious sites.

Spoofed email accounts or websites are the most experienced form of a business email compromise (BEC) attack as 71 percent of organizations acknowledge they have seen one over the past year. This is followed by spear phishing (69 percent) and malware (24 percent).

Continue reading →

The latest quarterly threat report from Abnormal Security shows that increasingly sophisticated and novel socially engineered email attacks that bypass legacy defenses are driving 50 percent higher engagement than traditional email attacks such as credential phishing.

The report also shows that between the first week of July 2020 and the first week of April 2021, the percentage of companies across industries getting hit with vendor email compromise (VEC) attacks increased nearly 120 percent.

Continue reading →