Your Guide to Email Security: Threats, Options, and Best Practices
Email security is an organization’s front-line defense from email threats, a top cyberattack entry point. FBI studies consistently show that business email compromise is the leading cause of financial losses from cybercrime. Implementing strong email security is a must for any organization.
The shift to remote and hybrid work only underlines this importance, as decentralized security opens more doors for increasingly sophisticated cybercriminals. The threat landscape is evolving, and email security must move in lockstep.
Traditional email security solutions include secure email gateways and built-in email provider filters. They can identify suspicious emails containing known red flags, but they miss the more sophisticated attacks that are increasing in frequency. Email security that integrates with the cloud is a newer solution that is gaining steam: it blocks the social engineering attacks that traditional security products miss.
A strong email security program combines the latest technology and best practices to prevent attacks from reaching user inboxes. Learn about the biggest email security threats and the most effective solutions.
What is Email Security?
Email security is a set of processes and technologies to protect email accounts, users, and organizations from unauthorized and malicious messages.
Processes: The organizational policies like security awareness training, access management, information archiving, and password requirements.
Technologies: The solutions that help implement policies and provide security, like secure email gateways, built-in email provider protection, integrated cloud email security, and email data protection.
A strong email security program combines processes and technologies to create a holistic, top-to-bottom approach. Your technology does not work without proper procedures in place, and vice-versa.
Email Security Threats
There are several email-based threats that regularly target enterprises and small businesses alike. These are four of the most dangerous and costly modern email attacks:
Business email compromise (BEC): Cybercriminals impersonate a legitimate business or specific employee to steal money through fake invoices, gift card schemes, payroll diversion, billing account changes, and more. BEC attacks cost companies $2.4 billion in 2021, according to the FBI.
Phishing: Cybercriminals send social engineering phishing emails to trick victims into divulging sensitive info, paying fake invoices, or installing malware.
Ransomware: A type of extortion malware that seizes and blocks access to an organization’s systems and data. Criminals will demand a fee to remove the ransomware.
Supply chain attacks: An impersonation attack where criminals impersonate or seize the account of a company’s trusted partner or vendor. They use the compromised account to dupe victims into paying fake invoices.
Email Security Service Options
There are three primary email security solutions on the market today:
Secure email gateway (SEG): The traditional option, secure email gateways scan emails for known “bad signals,” like suspicious links and attachments. SEGs successfully filter spam and block large scale attacks, but struggle with targeted social engineering email attacks that don’t contain obvious red flags.
Built-in email provider protection: Email providers like Google and Microsoft include native email security. Like SEGs, these solutions do a great job on spam and wide-net attacks. But they also miss sophisticated attacks like spear-phishing and BEC. Our email security trends survey found that 79% of respondents believe that an email provider's native security is insufficient.
Cloud-based email security: API-enabled email security solutions that integrate directly with cloud email (ICES) are relatively new players. These products exist to fill the gap of attacks missed by SEGs and built-in email provider security. They look beyond known email red flags, using behavioral analysis and contextual clues to spot suspicious emails.
The Current Problem With Email Security
Most organizations currently rely on email gateways and built-in security from their email provider.
While these do a great job of preventing spam and obviously malicious emails from landing in user inboxes, they miss costly and sophisticated social engineering email attacks that are growing in frequency. Attacks like business email compromise and phishing are the most expensive cybercrimes facing organizations today.
Rather than spamming millions of emails with easily detectable suspicious attachments and links, cybercriminals opt for a more targeted approach. They spend months researching targets to send personalized spear phishing emails that impersonate a coworker or trusted vendor. These emails don’t contain known red flags, so they bypass SEGs and built-in security filters.
Here’s a real example of a modern social engineering email attack that bypasses a SEG. It has no known red flags, but it actually comes from a compromised vendor account in the victim’s supply chain. This attack successfully scammed the victim out of $753,000.
Organizations that rely on traditional email security are at risk. This risk remains in place unless orgs evolve their email security to match modern threats.
How to Keep Your Email Secure: Best Practices and Policies for Email Security
Effective email security combines strong processes and modern technology. Enacting these policies goes a long way in preventing dangerous emails from landing in your users’ inboxes.
Strong password requirements: Enforce lengthy passwords with diverse characters and require regular password changes. This helps block credential stuffing and brute force attacks.
Two-factor authentication: Multi-step logins help prevent account takeover attempts, even after a password leak. Enact it for all accounts.
Be suspicious of links and attachments: Malicious emails with dangerous links and attachments can slip through traditional email security defenses. Approach them with a watchful eye, even if they come from a seemingly trustworthy source.
Off-board employees: Properly retrieve company equipment and remove all account access for departing employees. Not doing so opens the door to data breaches, leaks, and email compromises.
Use an advanced spam filter: While spam is often easy to identify and ignore, sifting through it is a time-suck, and it can compromise an employee who isn’t careful. Add an email spam filter to your security stack.
Teach security culture: Give your employees the tools to protect themselves and your organization by teaching them proper procedures. Require security awareness training for all employees.
Strong email security: Don’t rely on built-in email provider security or an outdated gateway. Use advanced email security that integrates into the cloud, analyzes behavioral patterns to detect unusual behavior, and automatically remediates suspicious emails.
Domain and header authentication: Ensure that emails are actually from their apparent sender by using authentication standards like SPF, DKIM, and DMARC.
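An added example (not from the original page or from any vendor it mentions) that audits a domain's published SPF and DMARC records for weak settings that undercut the authentication standards named in the last item above. The domain names and record strings are constructed samples; in practice the records come from DNS TXT lookups on the domain and on `_dmarc.<domain>`.

```python
# Added example: audit SPF and DMARC TXT records for weak settings.
def audit_spf(record):
    """Return a list of findings for an SPF TXT record (RFC 7208)."""
    terms = (record or "").lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["no SPF record published"]
    alls = [t for t in terms[1:] if t.lstrip("+-~?") == "all"]
    findings = []
    if not alls and not any(t.startswith("redirect=") for t in terms):
        findings.append("no 'all' mechanism: unlisted senders evaluate to neutral")
    for term in alls:
        if term in ("all", "+all"):
            findings.append("+all lets any host pass SPF for this domain")
        elif term in ("~all", "?all"):
            findings.append(term + " does not produce an SPF fail for unlisted senders")
    return findings

def audit_dmarc(record):
    """Return a list of findings for a DMARC TXT record (RFC 7489)."""
    parts = [p.strip() for p in (record or "").split(";")]
    if parts[0].lower() != "v=dmarc1":
        return ["no DMARC record published"]
    tags = {}
    for part in parts[1:]:
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip().lower()
    findings = []
    policy = tags.get("p", "<missing>")
    if policy not in ("quarantine", "reject"):
        findings.append("p=%s does not ask receivers to quarantine or reject" % policy)
    elif tags.get("sp") == "none":
        findings.append("sp=none exempts subdomains from the policy")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append("pct=%s applies the policy to only part of failing mail" % pct)
    if "rua" not in tags:
        findings.append("no rua tag: aggregate reports are not requested")
    return findings

SAMPLES = {  # constructed records: a weak configuration beside a corrected one
    "weak.example": ("v=spf1 include:_spf.mailhost.example ~all", "v=DMARC1; p=none"),
    "hardened.example": ("v=spf1 include:_spf.mailhost.example -all",
                         "v=DMARC1; p=reject; rua=mailto:dmarc@hardened.example"),
}

def audit_all(samples):
    return {dom: audit_spf(spf) + audit_dmarc(dm) for dom, (spf, dm) in samples.items()}

print(audit_all(SAMPLES))
```

Passing SPF, DKIM, and DMARC only shows that a message came from the domain it claims; mail sent from a compromised vendor account, as in the example earlier on this page, still authenticates cleanly.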
Email security is not a singular event. It requires constant evaluation and monitoring. Enact quarterly reviews of your email security: for example, how many threats your security has caught, how many have slipped through, and whether any changes are necessary.
An Abnormal Approach to Email Security
Even with email security technology in place, your employees may still find phishing scams and social engineering email attacks in their inboxes. You need a layer of email security that can block the modern email attacks that slip by traditional security measures.
Abnormal Security uses behavioral analysis and contextual language clues to spot malicious emails. We can highlight unusual financial requests, manufactured urgency, and suspicious login behavior from senders, all common signs of a phishing attack that traditional email security may miss.
That’s on top of standard email security practices like scanning attachments and URLs and verifying sender reputation. Our cloud email security seamlessly integrates with your email provider to effectively replace your SEG.