The State of Email Security 2018 Report
The latest threats, confidence killers and bad behaviors—and a cyber resilience strategy to fix them
The dangers of a phishing email attack.
A phishing email attack is a fraudulent attempt to trick an email recipient into sharing sensitive information like login credentials, account information or personal data. The sender of a phishing email typically poses as a reputable business or known person to get the recipient to click on a link or open an attachment. In a spear phishing email, the attacker attempts to gain access to confidential data by posing as a trusted source, often within the same company. And in a form of phishing known as whale phishing, attackers can impersonate a high-level executive, tricking another employee into sending money to an account that turns out to be a sham or distributing sensitive corporate or personnel data.
Despite widespread education and efforts to make users aware of the dangers of this kind of fraud, phishing email attacks are surprisingly successful. In fact, 91% of hacking attacks today start with some kind of phishing email1. The costs of a successful phishing attack can reach into the millions of dollars, due to fines and legal action as well as business disruption, damage to corporate reputation and loss of customer confidence.
To mitigate the risks of a phishing email attack and improve spear security, Mimecast offers Targeted Threat Protection. This cloud-based service – part of Mimecast’s all-in-one subscription service for email security, archiving and continuity -- extends traditional gateway security to protect against all forms of a phishing email attack.
Mimecast’s service scans email in real-time to identify suspicious messages. With Mimecast, organizations can combat threats from a phishing attack with:
Mimecast Targeted Threat Protection defends against every type of phishing email threat.
Impersonation Protect identifies a whaling attack that uses social-engineering to trick employees into divulging confidential data or wiring funds to a fraudulent account. Mimecast scans all inbound emails in real-time, searching for specific signs of fraud in the header, domain and content of the message.
URL Protect prevents a phishing email attack by scanning all URLs within incoming and archived emails on every click and opening websites only if they have been determined to be safe.
Attachment Protect defends against weaponized attachments by sandboxing attachments and allowing only safe documents to be sent on to the user.