Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email security often focuses on incoming threats such as phishing, malware, and malicious links, but outbound email security is just as important. According to KnowBe4’s 2025 State of Human Risk Report, nearly half of cybersecurity leaders say misdirected emails sent by employees have caused security incidents. These mistakes typically happen when employees send messages to the wrong recipient, attach the wrong file, or unintentionally share sensitive information.

Organizations have traditionally treated phishing emails as a technology problem to be solved with spam filters and secure email gateways. But with phishing attacks on the rise, these tactics are no longer enough. KnowBe4’s 2025 Phishing By Industry Benchmarking Report found a 47% increase in phishing attacks that bypass Microsoft’s native defenses and secure email gateways. Why do they succeed? Because they exploit reliable human behavior.

BlueVoyant researchers have uncovered a broad, multi-pronged phishing campaign targeting Spanish-speaking users in organizations across Latin America and now Europe as well. While recent industry intelligence heavily documented attacks utilizing WhatsApp to deliver banking trojans under the umbrella of the Brazil-based eCrime group Augmented Marauder (a.k.a.

A finance employee receives an email that appears to come from the CFO requesting urgent payment approval. The message references a current project, uses the correct tone, and arrives at a plausible time. However, the email wasn’t written by a colleague — it was generated by AI. And it contains a malicious link. These attacks are becoming more common as threat actors use AI to produce convincing phishing emails, automate impersonation attempts, and launch social engineering campaigns at scale.

Arctic Wolf has recently observed a phishing campaign targeting Microsoft 365 that abuses the OAuth device code flow to trick victims into providing authentication codes. Threat actors use Railway’s Platform-as-a-Service (PaaS) infrastructure (a trusted cloud platform with valid IP addresses) to host attack components, allowing the activity to blend in with normal traffic. This enables threat actors to steal valid access and refresh tokens and bypass multi‑factor authentication protections.

Researchers at LayerX warn that custom fonts can fool AI web assistants into thinking phishing pages are benign, while the human user sees something completely different. “There is a structural disconnect between what an AI assistant analyzes in a page’s HTML and what a user sees rendered by the browser,” the researchers explain.

Researchers at Permiso warn that threat actors can plant phishing messages within Copilot AI summaries. Notably, the researchers found that attackers can trick Copilot into including internal information to craft a more targeted message.

In the financial services industry, a "security incident" is rarely just an IT ticket. It is a regulatory event. Whether you are a bank, a global investment firm, or a fintech startup, your email environment is the most targeted entry point for attackers and the most common exit point for sensitive data.

According to HIPAA Journal, phishing remains one of the most common and effective attack methods used against healthcare organizations and is a leading cause of healthcare data breaches. As healthcare becomes more digital, cybercriminals increasingly target clinicians and administrative staff to access Electronic Health Records (EHRs) and other Protected Health Information (PHI).