by Joe Hedegaard Ganly

Information Security Adviser

Connect with Joe Hedegaard Ganly on Linkedin Connect with Joe Hedegaard Ganly on Linkedin

The State of Email Security 2020

I’m sure no one will dispute the world has changed and so has the way we work and collaborate. Covid has presented challenges for most companies and firms as we adapted to a largely remote workforce, without the comforts and security we have relied on.


We've seen four trends

We've seen four trends

  1. Email and web spoofing continue to rise
  2. Attackers are more agile and creative, creating campaigns based on real world events faster
  3. Remote working has changed the way we defend our users and data
  4. A human gap due to the loss of ability to train users on premises and in classrooms

In times of turmoil we turn to trusted agencies and partners to help us navigate uncertainty. Malicious actors have exploited this instinct, impersonating and spoofing some of these agencies. Take the spoofing of the World Health Organisation in April. At a time when the world was looking for guidance and unity in strategy, malicious actors spoofed their exact domain to extort donations and sensitive information – see more here.

Combine the misuse of a trusted name with the lack of ability to turn to your colleague and ask “does this look real” and we find ourselves in an uncomfortable position with a lot of uncertainty. Malicious actors are taking advantage of that uncertainty and reaping the reward, with 58% of businesses reporting an increase in phishing volume. The “does this look real to you” has led to the spread of phishing emails internally, 60% of organisations reported threats that were passed around internally, likely due to staff wanting to pass on what they thought was “key information” or internal Covid policies. See some more insights on the Mimecast infographic here.

Bolstering our phishing defences is critical, but so is assessing the risk facing users during their web browsing. When looking at protecting our domains and email identities, do we have public DMARC, DKIM and SPF records published to prevent what happened to the World Health Organisation happening to us? It’s worth noting that since the incident happened to the World Health Organisation, they have now implemented DMARC records and are protected against exact domain spoofing ongoing.

Are we still training our users and giving them the confidence, they need to deal with security incidents and prevent attempts to deceive them? With classroom training becoming harder for firms to deliver, the shift to online module-based learning and testing is a paradigm shift. Short, sharp informative training delivered via a variety of styles we find yields a culture change which is essential to change behaviours.

Find out more

Saepio recommend reading the Mimecast “State of Email Security 2020” report to learn how other companies have been affected in the first half of 2020 and how they’ve mitigated some of these attacks.

Get the full report here

Mimecast “State of Email Security 2020” report