Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.
Billions of people use email everyday — it’s the backbone of online collaboration, administration, and customer service.
But businesses lose billions to email-based cyberattacks every year. Workers use email to exfiltrate sensitive company data. And simple human errors, like sending an email to the wrong person, can be highly problematic.
The bottom line: for all its benefits, email communication is risky and, according to research, it’s the threat vector security leaders are most concerned about protecting.
This article will look at the main threats associated with using email — and consider what you can do to mitigate them.
Before we look at some of the risks of email communication, let’s consider the scope of the problem. After all, around 4 billion people worldwide use email regularly.
So, with alternative platforms like Slack and Teams rising in popularity. why does email remain the world’s main artery of communication? Email is platform-independent, simple, and accessible. No company would consider cutting email out of its communication channels.
But for every “pro” involved in using email, there’s a “con.” If you’re relying on email communication, you need to mitigate the risks.
A major risk of email communication is security. Because it’s so flexible and easy-to-use, email carries a unique set of security risks.
Phishing is a type of online “social engineering” attack. The attacker impersonates somebody that their target is likely to trust and manipulates them into providing sensitive information, transferring money, or revealing login credentials.
Around 90% of phishing occurs via email. Here are the main types:
While today, most people are attuned to the problem of phishing, the problem is only getting worse. Don’t believe us? Check out these 50+ must-know phishing statistics.
That means phishing protection is an essential part of using email. Looking for more information on inbound email protection? Click here.
As well as inbound email threats, like phishing, you must also consider the threats that can arise from inside your business.
Tessian survey data suggests that 45% of employees download, save, send, or otherwise exfiltrate work-related documents before leaving their job. The most competitive industries — like tech, management consultancy, and finance — see the highest rates of this phenomenon.
Email is a quick and convenient way to send large amounts of data to external contacts — and can be a pipeline for disgruntled or corrupt employees to siphon off company assets.
If you want to learn more about insider threats, including real-world examples, check out these articles:
Phishing is a booming criminal industry — and there’s evidence that the new patterns of remote working are making phishing more common than ever.
Tessian research shows that 65% of US and UK employees received a phishing email when working remotely in 2020 due to the COVID-19 pandemic, and 82% of IT leaders think their company is at greater risk of phishing attacks when employees are working from home.
If your company operates a hybrid or remote working model, email security is even more crucial.
Innocent mistakes can be just as harmful as cyberattacks. In fact, 88% of data breaches are caused by human error.
Research shows that most people have sent at least one email to the wrong person, with nearly one-fifth admitting to sending an email to someone outside of their organization.
Our platform data also shows that there are, on average, 800 misdirected emails per year in companies with more than 1000 employees.That’s two a day.
Sending an email to the wrong recipient is so common, you might not think they’re a big deal. But data from the UK’s Information Commissioner’s Office (ICO) consistently shows that misdirected emails are the number one cause of reportable data breaches.
Misspelling, autocorrect, reply-all — these are all reasons you might send an email to the wrong recipient. It’s a serious risk of email communication — but you can prevent it.
Along with misdirected emails, “misattached files” are a major cause of data loss. New data shows some very worrying trends related to people sending emails with incorrect attachments.
First, here’s what’s inside the documents people are sending in error:
The survey also shows that – as a result of sending misattached files – one-third lost a customer or client — and 31% faced legal action.
The risks we’ve described all depend on human vulnerabilities. Cyberattackers prey on people’s trust and deference to authority — and anyone can make a mistake when sending an email.
That’s why email security is a must. Looking for help choosing a solution? We’ve put together this handy guide: 9 Questions That Will Help You Choose the Right Email Security Solution.
If you want more tips, how-to guides, and checklists related to email security specifically and cybersecurity more broadly, sign-up for our newsletter!
Tessian software mitigates all types of risks associated with email communication: