The coronavirus pandemic changed the way we work, probably forever. We entered a new normal of remote working, and, being home-bound, it was business as usual – well almost. While many enjoyed the luxury of desking from home, working remotely came with a new set of challenges for businesses to keep their IT and data safe. One of these was email security. The long and the short of it is that cybercriminals target email because it can be an open door to your network. Systems can easily be injected with ransomware that goes undetected for weeks or months. And that’s just the start…


In a nutshell, email security is about protecting your confidential and sensitive information contained in email communication and securing it against unauthorised access, loss or compromise. Put simply, it involves keeping your data out of harm’s way. It is a common misconception that many companies think that they are too small or unimportant to be hacked and foolishly believe that their email is adequately secured. These SMBs are deluded. Ineffective email security leaves them vulnerable to crippling cyberattacks that cost money, decrease productivity, and cause downtime and long-term reputational damage.


Nowadays, email is integrated into cloud-collaboration suites like Microsoft 365 and Google Workplace. These platforms present bad actors with entry points and exploit opportunities once inside systems. As such, your email security needs to include mid-attack protection measures like detecting compromised accounts and access management tools. Here are 5 of the most common and dangerous attacks that prevail in the email threat landscape:

  • Phishing

A form of social engineering in which malicious emails are used to trick users into divulging confidential information by clicking on a link or downloading a file. In 2021, phishing accounted for 83% of all cybersecurity breaches in the UK.

  • Spear phishing

A variation of phishing in which hackers send out fraudulent emails that appear to be genuine. This popular method is cheap, easy and effective and generally more successful than conventional phishing.

  • Malware

Any software designed to disrupt, damage or gain unauthorised access to a computer or IT network. 92% of all malware is delivered via email and Accenture claims that companies suffer 50 days of downtime following an attack.

  • Ransomware

This is the worst type of malware that blocks access to a computer or network until a ransom, usually in cryptocurrency, is paid. Who can forget the attack on Miami-based IT provider Kaseya last year where the Russian hacking group, REvil, demanded $70 million in bitcoin.

  • Spam

Unsolicited email sent in bulk. Besides being annoying, these emails typically contain malevolent links or attachments aimed at stealing information and identities. Spammers often obtain an email address after a victim has unwittingly posted it online.


Just how bad is the threat to email security? According to Verizon, the American wireless network operator, 90% of cyberattacks are initiated via email. Closer to home, the UK’s National Cyber Security Centre (NCSC) stated that 160,000 suspicious emails were reported in a 14 day period in 2020. To take these numbers to the next level, cybersecurity researcher, Cybersecurity Ventures, predicts that the cost of global cybercrime will top $10 trillion by 2025. If that isn’t a good enough reason to have resilient email security, then what is?


On Wednesday, 25 May at 10 am UK time, Izak Oosthuizen, Founder and MD of Zhero and bestselling author, will lead his ‘It’s Phishing Season: Secure your emails now’ webinar. You can join Izak for an in-depth discussion on the importance of email security, addressing these issues:

  • the reality of email security in the workplace
  • the types of email threats
  • the impact of remote working on email security
  • how to mitigate risk and protect yourself
  • what else you can do to stay safe from email threats

Register today to join the discussion. Email security is something that neither you nor your business can afford to be without.

Leave a comment