"Email Threats Still Managing to Evade Defenses"

According to a new study conducted by Cyren, enterprise email perimeter protections are often ineffective in blocking well-crafted email attacks. In one month, an average of 75 malicious messages per 100 mailboxes pass through email security filters such as Microsoft 365 Defender, meaning a company with 5,000 mailboxes would need to detect and respond to 3,750 harmful inbox threats per month. Most of these threats are phishing emails with URLs to site content intended to steal login credentials, personal information, or payment information. These are frequently the precursors to other types of attacks, such as ransomware. More than half of all reported phishing, imposter, and malware email attacks impacted more than one user. However, two-thirds of email attacks were delivered to one to ten users, indicating that the attacks were targeted. Such targeted or one-of-a-kind email attacks are more difficult to detect. The most common method used by attackers to avoid detection is to send emails from well-known webmail domains. These tactics account for 32 percent of all evasive techniques deployed. This article continues to discuss key findings from Cyren's research on business email perimeter defenses and phishing attacks.

BetaNews reports "Email Threats Still Managing to Evade Defenses"