"Most Email Security Approaches Fail to Block Common Threats"

According to a survey of business customers who use Microsoft 365 for email, commissioned by Cyren and conducted by Osterman Research, many security teams believe their email security systems are ineffective against ransomware and other significant inbound threats. Security team managers were found to be the most concerned about current email security solutions not being able to block serious inbound threats, which require time for response and remediation by the security team before users trigger dangerous threats. Less than 50 percent of those surveyed said that their organizations can block the delivery of email threats. Less than half of the organizations rank their current email security solutions as effective. Protections implemented against impersonation threats are considered the least effective, followed by measures to detect and block mass-mailed phishing emails. Nearly all of the organizations polled have experienced one or more types of email breaches. Most of the organizations faced one or more successful email breach types during the previous 12 months. The number of email breaches per year has doubled since 2019, most of which were due to successful phishing attacks that stole Microsoft 365 credentials. The survey also revealed that successful ransomware attacks have increased by 71 percent in the last three years. In addition, Microsoft 365 credential compromise grew by 49 percent, and successful phishing attacks increased by 44 percent. This article continues to discuss the key findings from the report on phishing, Business Email Compromise (BEC), and ransomware threats faced by Microsoft 365 Users, as well as where email defense breaks down. 

Threatpost "Most Email Security Approaches Fail to Block Common Threats"