Guide To Protect Your Organization From Email Security Threats

Email attacks are more common and more intelligent that in the past. Email is one of the oldest and therefore least secure methods for communicating online but is still the preferred contact method for the majority of businesses. Therefore, it’s probably no surprise to hear that most successful cyber-attacks are deployed via email.

What Are The Different Types of Email Threat?

Phishing Emails

Phishing emails are emails which are designed to trick the recipient into handing over sensitive information or click on a malicious link.

An example would be an email falsely claiming that you have to reset your Office 365 password. You click on a link in the email and are taken to a replica of the Office 365 site, it asks you to enter your existing password. You enter it and you’ve actually given away your password to a hacker.

Phishing emails are cheap to produce and are suited to a scattershot approach, sending thousands out in the hope that maybe 1% of people fall for it and one of them gives away something useful.

Over half of corporate security breaches come from phishing emails.

Spear Phishing

These are like the phishing emails described above except that they are targeted at a specific individual. For instance, a hacker may spend a few days researching your company, finding your CEO’s email and sending them a specific email pretending to be from another colleague.

Spearphishing emails can be harder to spot and much more damaging that normal phishing emails.


Malware is a type of malicious software that can range in its danger from an inconvenience to a serious threat to your profits and reputation.  Over 90% of malware is delivered through links or attachments in email.


Ransomware blocks access to your machines or data and demands you pay a ransomware (normally in bitcoin) in order to regain access. This type of threats has crippled businesses, governments and even hospitals worldwide.

How To Secure Your Email

The best weapon you have against email threats is your own common sense. In particular:

Don’t click on links or open attachments in emails that you aren’t 100 sure about.

Beyond that, there are some technological solutions.

  • Use a strong password. Really strong, over 8 characters, numbers, symbols, the whole lot. If possible, use a password manager.
  • Use 2 factor authentication where an extra step is required to gain access to your email. For example, a code sent via SMS to your mobile.
  • Be on the lookout for spoofed email addresses or names. Make sure that the sender’s email address matches the company name and format exactly.
  • Use a cloud-based email security solution like Mimecast which quarantines and scans your email before it ever reaches your network.
  • Have anti-virus and anti-ransomware software installed.
  • Keep your operating system up to date.


If you are worried about secure mail or protecting your IT network more effectively, you should speak with your IT department or third-party IT support provider to learn more about what they are currently doing to protect you and what other options are available. In the meantime, stay alert and act sensibly when using email.

Comments are closed