Your guide to understanding the email threat landscape

94% of malware is delivered via email. All it takes is one wrong click, and the damage is done.

We’re seeing a rise in phishing attacks against cloud-based email services such as Microsoft 365 as an increasing number of companies transition to the more cost-efficient cloud solutions. Email has been, and remains as, the primary initial attack vector used by attackers to infiltrate an organization’s server. 

Read our whitepaper to:

  • Discover the most common email security threats
  • Understand how the transition to cloud-based solutions affects your email security
  • Get an insight on COVID-19's impact on the email threat landscape
  • Learn how to protect your business from advanced email threats

Topics covered in this whitepaper


Email remains as the primary initial access vector used by attackers – with 94% of malware being delivered via email.

Almost 50% of all malicious attachments are found to be office documents with hidden macros, scripts and other exploits, which upon activation, will download additional payloads, such as ransomware and RAT. The rest are commonly through Windows Apps (26%) and other, such as archives and .js files (22%).

Transition to cloud-based solutions

According to recent research by Gartner, "by 2021, Gartner expects 70% of public and private companies to be using cloud email services."

There is already an increasing number of organizations transitioning to the more cost-efficient cloud-based solutions such as Microsoft 365. Along with this transition is a parallel uptick in attackers seeking to compromise a user’s email account as the organizations’ emails and other valuable data migrate along with them. To date, over 80% of compromises is driven and enabled by credential theft.


In this case, cyber criminals know that you are expecting emails relating to COVID-19. Criminals can increase the effectiveness of their email attacks by mimicking a familiar authority, using urgency and exploiting the globally felt fear due to the current situation.

Malicious actors may use existing, real, materials as bait to encourage people to perform a risky action such as click a link or open an attachment. A favourite tactic is to hide executables in archive files attached to emails. It is critical that users look at the sender of an email and examine any links contained within it before taking action. By mid April 2020, Google reported an average of 18 million COVID-19 phishing emails that were sent out via Gmail in a day.

Read more - download now

Fill in the form below to download the complete whitepaper.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.