Email is one of many organizations’ most critical applications. Facilitating both internal and third-party communications, and full of capabilities like attachments, links, and calendaring, business email has become integral. Yet for many organizations, email also makes up the organization’s largest internet-facing computing service. With “allow all” and “disallow by exception” default inbound and outbound communications, email is also easy to infiltrate and take down. While email compromise is nothing new, the pace and complexity of attacks have drastically increased in recent years.
Criminal profiteers have capitalized on the remote and hybrid work settings many businesses have created. They have realized that email fraud can be applied in scale and be highly lucrative. Remote and hybrid working has increased many organizations’ attack surface area while, at the same time, has decreased the level of face-to-face and one-to-one communication among workers. This combination results in business email systems being desirable targets for threat actors.