Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Examples of business email compromise (BEC) attacks

Business email compromise (BEC) is one of the most advanced and financially damaging forms of phishing. Each year, the number of successful attacks continues to rise. In 2022, BEC attacks cost organizations a total of $2.7bn. This represents a 47% increase in lost funds since 2020, making it the second costliest form of cybercrime.

Accidentally received someone else's confidential email? Here's what to do

In the best case, emailing confidential information to the wrong person can be embarrassing. In the worst case, it can cause a major security incident that puts people at risk, jeopardizes an organization's reputation, and leads to remedial and legal action. If you have sent a confidential email to the wrong person, read our article ‘Accidentally sent a confidential email to the wrong address? Here’s what to do’.

Egress Vulnerability Disclosure Program (VDP)

In today's rapidly evolving digital landscape, cybersecurity remains a top priority for organizations of all sizes. As a leading provider of security solutions, we appreciate and understand the pressures of the current threats that organizations face daily. A critical risk often faced by suppliers is supply chain security. A supply chain attack can undermine a company’s operations and introduce risk at unprecedented levels, potentially leading to a catastrophic outcome.

Five tips to avoid spear phishing attacks

Cybercriminals make use of sophisticated tactics to craft convincing spear phishing attacks, and consequently, organizations need a solid understanding of the evolving cyber threat landscape to combat them. Spear phishing is a form of phishing where cybercriminals use highly targeted emails to deceive individuals into revealing sensitive data or transferring funds. 65% of all known hacking groups use spear phishing, making it the most popular form of attack.

What is a secure email gateway (SEG)?

Email is the most frequent attack vector hackers use to target organizations. Secure email gateways (SEGs) have traditionally been relied on as the first line of anti-phishing defense. However, in recent years there has been a discussion surrounding the future of SEGs with the many advancements in the native email security capabilities of Microsoft 365. A SEG provides pre-delivery protection to individuals by blocking (quarantining) known threats before they reach the mail server.

Integrated cloud email security (ICES) vs secure email gateway (SEG)

Cybercriminals continually evolve their techniques, leading to more successful phishing attacks. Using techniques such as text-based attacks that utilize social engineering and highly targeted spear phishing, bad actors are able to bypass traditional email security and land in their target’s inbox. According to the organizations surveyed for the 2023 Email Security Risk Report, 92% fell victim to phishing attacks.

What is integrated cloud email security (ICES) and why do you need it?

Integrated cloud email security (ICES) is a term coined by industry analyst, Gartner, in their 2021 Market Guide for Email Security. The guide was reissued in 2023 and stated that ‘by 2025, 20% of anti-phishing solutions will be delivered via API integration with the email platform, up from less than 5%” at the time of publication’.

What is business email compromise (BEC)?

Business email compromise, or BEC, is the most financially damaging form of cybercrime that organizations face. The goal of a BEC attack is to defraud an organization, most frequently through the transfer of funds or the payment of gift cards. A form of advanced phishing, BEC attacks are highly targeted and utilize impersonation and other social engineering tactics to manipulate victims.

What is whaling?

Enhancements to network security within organizations have made it harder for threat actors to penetrate networks and systems. As a result, people have become the primary target for cyberattacks, with email providing the most effective mechanism for launching these attacks. This leads to all employees within an organization being frequently targeted by phishing attacks.