A summary of common threats faced by cloud email systems beyond malware and data breaches, this blog provides actionable tips and best practices for businesses to protect their email systems.

Modern enterprises need to be able to identify the tactics being used by cybercriminals in email attacks, especially those leveraging advanced technologies like AI. Find out what's at stake and how today's email security solutions can help mitigate these evolving attacks.

What is Account Takeover protection and how to stay ahead of various threats targeting email and cloud environments.

We are thrilled to announce that Frost & Sullivan has ranked Fortra as a leader in our space. With the release of the Frost Radar for Email Security™, Frost & Sullivan has determined that Fortra Email Security is a leader in the industry, having increasing its revenue distribution in North America by 30%, as well as penetration in the cloud security market and in the banking and finance verticals...

What Is Business Email Compromise (BEC)?Business email compromise (BEC) is a dangerous and pervasive type of email spoofing that targets businesses, aiming to damage them in some financial or reputation-based way. It does so via deceptive tactics, such as CEO or executive impersonation, allowing BEC attacks to evade security filters, leading to fraud, compromised accounts, and data leakage.Other...

How will the digital risk and email security landscape evolve in 2024? In this VM Blog article, Eric George discusses the industry's future and shares his seven predictions for 2024.

Cybercriminals doubled down on popular threat types and preferred malicious software in Q2, with O365 phish and QBot malware dominating inboxes by significant margins. QBot operations eclipsed all other malware once again, reaching their highest volume of share just before a multinational takedown Tuesday removed malicious code from more than 700,000 computers. Similarly, but lacking in...

In Q4, Response-Based phishing attacks were the top reported threat by end users, according to Fortra’s PhishLabs. While threats categorized as Credential Theft and Malware continue to bypass even the top secure email gateways, this is the second consecutive quarter where Response-Based attacks have led all categories. Response-Based attacks typically lack malicious indicators and instead rely...

You might remember as a child, there was a revelation…invisible ink. Stepping forward to today, there is now a new type of phishing which uses invisible ink, or as it’s also called, ‘zero font’, as a means to beat the spam and phishing filters. Anti-spam / phishing filters work in several different ways; they look for specific words or phrases and there is then a statistical element. If there are 100,000 instances of the same message, it’s probably spam.

In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects. With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems.To understand why, let’s consider the benefits of deploying...

CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats. According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened. With 75 million corporate employees even now still...

What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address.Email Spoofing: What Is It?Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or trusted...

Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response.Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book, then...

Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...