Email

New research released today from Cyren shows that business email perimeter defenses are often incapable of preventing well-crafted email attacks.

During an average month, there are 75 malicious messages per 100 mailboxes that slip past email security filters like Microsoft 365 Defender. This means that an enterprise with 5,000 mailboxes would need to detect and respond to 3,750 confirmed malicious inbox threats each month.

Business email compromise attacks are up 53 percent over the last year and are increasingly trying to look more like legitimate emails in their use of language.

A new report from Armorblox shows 74 percent of BEC attacks are using language as the main attack vector.

Three out of five organizations experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months, according to a new study.

Research from email security company Tessian and the Ponemon Institute shows 65 percent of over 600 IT security practitioners surveyed see email as the riskiest channel, followed by 62 percent for cloud file sharing and 57 percent for instant messaging.

A new study commissioned by email security company Cyren from Osterman Research seeks to understand how businesses using Microsoft 365 for email are being impacted by email-borne security threats, such as phishing, business email compromise (BEC), and ransomware attacks.

It shows security team managers are most concerned that current email security solutions do not block serious inbound threats -- particularly ransomware. Fewer than half of organizations surveyed rank their currently deployed email security solutions as effective.

Most of us don't think too much about the 'From' address field on our emails, it's filled in by your mail program or web service. At the recipient's end security tools can check this against the sending server to verify that the mail is legitimate.

But hold on a second, an SMTP relay server between the server and the inbox allows messages through even though the addresses don't match. This is how organizations send out mass mailings without them getting blocked.

Phishing emails that mention holidays are most likely to entice employees to click, according to security awareness training company KnowBe4.

The Q1 2022 top-clicked phishing report finds successful subjects globally include: 'HR: Change in Holiday Schedule', 'St. Patrick's Day: Employee Behavior/Company Policies', and 'Starbucks: Happy Holidays! Have a drink on us'.

Credential phishing continues to be the top threat facing organizations, increasing 10 percentage points since 2020, accounting for 67 percent of all phishing emails now observed.

The latest Annual State of Phishing Report from Cofense also reveals that 52 percent of all credential phishing attempts observed by the Cofense Phishing Defense Center (PDC) were branded as Microsoft.

We all make mistakes from time to time, but a cybersecurity error could cost you your job according to a new report.

The study from email security company Tessian finds almost one in four respondents (21 percent) lost their job as a result of a security mistake that compromised their company’s security -- up from 12 percent in 2020.

New research by Trustwave SpiderLabs has uncovered a phishing attack that is able to adapt itself to the user's email service in order to trick them into revealing their login credentials.

The attack acts like a chameleon, putting up a fake login page tailored for whatever email service the victim is using. So Gmail users for example will see a different page from Apple, Outlook or Yahoo! Mail users.

New research from Hornetsecurity finds that 40 percent of all inbound emails pose a potential threat, including spam, phishing and advanced threats such as CEO fraud and any type of malware.

Phishing, malicious links, and ransomware are among the most popular attack tactics used by hackers with brand impersonation being especially popular.

Adobe Creative Cloud hosts popular apps including Photoshop and Acrobat, it also aids collaboration by allowing users to share documents.

Cybersecurity researchers at Avanan have discovered that hackers are now exploiting these file-sharing services as a phishing attack vector by sending legitimate emails through a trusted sender, bypassing ATP protection via Adobe’s SaaS offering.

Despite the rising popularity of other communication and collaboration methods like Zoom and Teams, email remains at the core of business correspondence. However, it also remains a popular vehicle for delivering cyberattacks and other unwelcome material.

Secure email company Avanan has produced an infographic looking at email safety.

Although people are sometimes seen as a weak link in information security, a new report from F-Secure shows that a third of emails that employees report as suspicious are actually phishing.

The finding comes from an analysis of emails reported by employees from organizations around the world, using F-Secure's mail reporting plugin for Office 365, during the first half of 2021.

We all know the feeling, you're happily working away when an email pings into your inbox, you look at it, you might even answer it, but then you have to refocus back to what you were doing before.

It can be a problem in your personal life too, when quality time with the family is interrupted by business emails. Annoying, isn't it? Well email service OnMail clearly thinks so because it's introducing a new feature that allows you to take designated 'inbox breaks'.

When iOS 15 is released this fall, users will have access to enhanced Siri capabilities, new ways to personalize their device, helpful improvements to the Find My iPhone/iPad, and several other new features and functionality to play with. But in the worlds of digital privacy and marketing technology, there's one update in particular that has been sending shockwaves up and down the industry.

Companies who care about email marketing have been in a sort of panic mode ever since the full slate of iOS 15 updates was revealed a couple months ago, due to a new feature called Mail Privacy Protection. In what Apple is calling an advancement of its "privacy leadership," the ability to block marketers from tracking the open behavior of their emails is the first step in what could be a cataclysmic shift for the entire spam (I mean, "email marketing") industry.