The potential for revealing personally identifiable information (PII) in the ‘To’ or ‘CC’ fields of an email is a risk well understood. Yet despite this, it remains the source of far too many data breaches.

The sheer volume and complexity of data held within the UK healthcare sector makes it a challenge from a cybersecurity perspective to keep secure. In fact, research from a survey we conducted recently revealed that 67% of healthcare organizations in the UK have suffered a cybersecurity incident over the last 12 months. With the introduction of new data regulations and new technologies across the...

In this blog, we take a look at why phishing is the most successful delivery of ransomware and what your organization can do to defend your data and your brand.

Investing in email protection beyond basic anti-spam is vital to protecting an organization. Persuading leadership and stakeholders of this can be complicated. We take a look at ways to obtain comprehensive email security buy-in.

In the last few years, Microsoft 365 (M365) has eclipsed all other cloud providers to emerge as the most widely used enterprise cloud service and the latest survey data shows that adoption of M365 is still increasing. It is not just impressive in its adoption rates, Microsoft has also been incremental evolving business technology; organizations now rely on cloud technology to function. However...

Through a layered approach utilizing a comprehensive solution as the primary defense, Fortra fills major gaps in email platform security by protecting users from external threats and safeguarding your sensitive data from being leaked both inside and outside your organization.

Following a multi-layered approach to phishing defense is a good idea, but using what you have close to home is best when it comes to a sensible security posture. In practice, a robust security awareness training program is key to instruct employees on what to look for when trying to spot phishing emails that may have landed in their inboxes.

The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra's PhishLabs.

When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and fraud...

We're going to delve into what the meaning of SPF for email is, how to implement it, the benefits of deploying it, and how to further protect your email-sending domains. What is SPF for Email? Sender Policy Framework (SPF) is an email authentication standard that domain owners use to specify the email servers they send email from, making it harder for fraudsters to spoof sender information. SPF...

In this DKIM setup guide, we’ll walk you through the steps on how to set up DKIM correctly, test it, avoid common pitfalls, and fix common mistakes. In case you’re new to DKIM, or DomainKeys Identified Mail, we’ll start with a high-level overview before getting to the step-by-step instructions, but you can first look up your DKIM record here . What is DKIM? A Brief Introduction DKIM is a standard...

“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...

What is Email Spoofing? Email spoofing is one of the most common forms of cybercriminal activity, specifically a form of identity deception that's widely used in phishing and spam attacks. It underpins the mechanism required to conduct hacking activities, and it can take many forms. Unfortunately, most email users will eventually receive an email that has been spoofed—whether they know it or not...

It takes years to build trusted relationships with your customers — but as all-too-familiar headlines and recounted tales of woe from IT departments tell us, cybercriminals can abuse that trust to trick your customers, employees, and partners into opening their malicious emails in a matter of minutes.  DMARC, or Domain-Based Message Authentication, Reporting, and Conformance, is an essential email...

Do-it-yourselfers abound everywhere in these days – from YouTube stars demonstrating the latest hacks through tutorials to entire cable channels and streaming networks devoted to DIY, average laypeople have become self-proclaimed experts in a variety of areas and skills. But should you take a do-it-yourself approach when it comes to technology and email security, or more specifically to DMARC...

In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects . With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems. To understand why, let’s consider the benefits of deploying...

What is the difference between SMTPS and SMTP? SMTPS uses additional SSL or TLS cryptographic protocols for improved security, and the extra "S" stands for SECURE! By default, SMTP to send email lacks encryption and can be used for sending without any protection in place, leaving emails with an SMTP setup susceptible to man-in-the-middle attacks and eavesdropping from bad actors while messages are...

With email attacks contributing to billions of lost dollars each year, a growing number of organizations are adopting Domain-based Message Authentication, Reporting & Conformance (DMARC) in an effort to protect themselves and their customers from fraudsters. Adoption of DMARC has steadily gained traction since the onset of the pandemic, and the original email authentication protocols at the heart...

To help IT teams define a robust email security policy and determine what’s required from an email security solution, we’ve put together a new six-step guide.

What does a phishing email look like? We've compiled phishing email examples to help show what a spoofed email looks like to prevent against phishing attacks. Brand deception phishing is the most common example of phishing people will come across. Brand deception phishing occurs when an attacker mimics a trusted company in an email and asks someone for their personal information like credit card...