Security News > 2021 > August > Key email threats and the high cost of BEC

Phishing can be a profitable business model, and most breaches begin with a phishing email.

As detailed in the report, threats ranging from ransomware, credential harvesters to difficult-to-discover but costly Business Email Compromise targeted inboxes, could have resulted in over $354 million in direct losses had they been successful.

More than half a million threats were missed by email authentication and legacy defense systems, which could have caused millions in disruptions and financial loss without interception.

"Our research found that security awareness training is only beneficial from an educational perspective but not effective in stopping threats. Around 92% of user-reported phish are not malicious and actually benign, spam, or bulk mail, which often delays IT teams from discovering and stopping actual threats. The only solution is a preemptive, cloud-based, email security solution that prevents the phish from even hitting the inboxes."

Recommendations for effectively defending against cloud email threats Locking down identity: Secure accounts and identities by adding additional protection like multi-factor authentication.

Take a zero-trust approach with email: It's imperative to verify all communication that happens within email.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/M6dyHtOfUuk/