An email address is, perhaps, one of the most overlooked network-accessible resources. Many highly publicized attacks are attributed to a phishing email link that an unsuspecting employee regrettably clicked on. Also, business email compromise (BEC) accounted for 50% of total losses among organizations or $1.2 billion in 2018. Yet despite all the constant warnings and devastating examples, these attacks keep on happening. Why is this so?
The occurrence could be bewildering indeed for cybersecurity professionals who deploy the most advanced endpoint protection and intrusion detection systems (IDSs) there is. Unfortunately, all efforts to ward off attackers can prove irrelevant unless you educate employees on good email hygiene or implement the right email security policies.