Cyber Risk Aware Blog

Email Phishing on the Rise as Latest Data Shows Unsafe Emails Pass Through Security Systems

[fa icon="calendar"] 24-Oct-2017 15:12:11 / by Stephen Burke

Stephen Burke

At Cyber Risk Aware, the latest data we’ve seen highlights the need for more work on the latest security systems to prevent email phishing scams. The test data from Mimecast Limited shows that, of 45 million emails passed through by common email programs, nearly 31% were unsafe.

The data shows that companies must educate their employees on email phishing scams and ensure that all personnel are aware of the dangers of the latest security threats. It’s also clear that companies must now test their employees with mock phishing exercises to test their awareness while measuring the effectiveness of current in-house security programs. This process will also help the company measure the level of risk to the business from the phishing threat.

Email Offers Complete Access and Variety of Attack Options

One of the leading reasons criminals are now using email phishing scams more and more as a means of gaining access to data is that email platforms are an easy way to access millions of individuals, and offer a variety of avenues for attack. For example, email phishing is now being used to get users to click onto a URL and enter their private information in a form they believe to be secured. The data can then be used for a range of purposes, from stealing bank details to identify theft. Studies show that even employing in-house email protection does little to protect companies.

The Mimecast Limited study included the inspection of over 45,000 emails, all of which had passed through the related company’s email security. Of these 45,000 emails, 31% were deemed unsafe. With 10.8 million pieces of spam, 8,682 dangerous files, 1778 malware attachments and 9,677 impersonation emails included in the 45 million emails analysed.

Third-Party Expertise Required

The data clearly shows that relying on traditional email security solutions provided by the company directly does not protect the individual and the data within company systems. Company email users, both home remote users and those in the workplace, must learn the latest in email security protocols. Firms must use not only third-party security services but also undertake regular training with staff to safeguard their systems and ensure that staff can recognize any email threats before they arrive in the inbox of team members.

Training Also Critical for Long-Term Protection

In addition to working with third party email security experts, companies should also work with security awareness training providers to ensure that email recipients have a clear understanding on the latest threats. Training that is delivered at the right time in an engaging way can prevent an employee from making a mistake that costs their company millions of dollars and potentially leads to the loss of personal data. Working with a training specialist is a great way to safeguard growing organizations and their IT structure for the coming years.

Protect from Email Phishing

To learn more on the full range of training services provided by the trusted team at Cyber Risk Aware contact our experts now. Recognised specialists are standing-by to help safeguard your data and assets against the newest email threats.


Stephen Burke

Written by Stephen Burke