Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Perimeter solutions such as Secure Email Gateways (SEGs) have long been a cornerstone of email security, historically serving as the primary line of defense against malicious emails entering an organization. Utilizing legacy technology such as signature and reputation-based detection, SEGs have provided pre-delivery intervention by quarantining malicious attacks before they reach the end recipient. Why, then, are 91% of cybersecurity leaders frustrated with their SEGs, and 87% considering a replacement?

This blog looks at the intersection of psychology and email attacks to help guard your business against elaborate deception and adopt actionable strategies to defend your people and assets from manipulative schemes. After reading it, you’ll be better prepared to thwart scams and bolster your organization’s resilience against email-based threats.

You no longer need to pull off a bank heist to pocket millions of dollars. Taking advantage of an email breach is easier for attackers and allows them to use your infrastructure’s weaknesses to demand ransom, steal personal information, or perform other fraudulent activities.

According to the FBI, billions of dollars have been lost through Business Email Compromise (BEC) attacks in recent years, so you may well think that there is little in the way of good news. However, it has been revealed this week that police managed to recover more than US $40 million snatched in a recent BEC heist just two days after being told about it.

A report from Darktrace has found that 62% of phishing emails in the first half of 2024 were able to bypass DMARC verification checks in order to reach users’ inboxes. “Building on the insights from the 2023 End of Year Threat Report, an analysis of malicious emails detected by Darktrace / EMAIL in 2024 underscores the implication that email threats are increasingly capable of circumventing conventional email security tools,” the report says.

Two deceptive tactics—spoofing and phishing—are at the core of many cyberattacks. Understanding these threats is essential for protecting your digital assets.

In today's digital landscape, email encryption is a key component of data protection, especially for organizations that handle personal, financial, or health-related information. Whether you need to safeguard Personally identifiable information (PII), Payment card data (PCI), Protected Health Information (PHI), secrets, or Intellectual Property (IP), this guide will walk you through the process of sending encrypted emails in Gmail.

Researchers at Barracuda have found that smaller companies tend to receive a higher rate of phishing attacks spread across the organization, according to a report looking at the phishing attack surfaces of companies of different sizes. This is likely due to the smaller number of potential targets and the higher level of access possessed by each employee.