TL;DR: Email has spawned a love-hate relationship with users over the years. Companies can’t function without it. But that hasn’t stopped teams from pointing out the many glaring weaknesses, including spam and phishing, that have plagued the email user experience all these years. Hornetsecurity recently released its annual Cybersecurity Report that details the security landscape surrounding email communication. Below, we’ll discuss what the top threats to email security are and how your company can combat these cyberthreats.
How packed is your email inbox? I don’t know about you but my inbox has an ungodly number of unread messages – a number I wouldn’t even dream of clearing or cleaning up. And I’ll admit that’s the reality with both my work and personal accounts.
My work account hasn’t reached the same overwhelming level of disorganization as my personal email. So there is still hope there, but there are still many messages to delete.
I think we all struggle with messy inboxes. Other than that one person we all know who keeps their inbox tidy, email inboxes that aren’t exploding at the seams have become something of a marvel.
We could place most of the blame for our email woes on unwanted emails, particularly spam. Hornetsecurity recently released its annual Cybersecurity Report, which revealed that over a third of all emails received by businesses in 2024 were unwanted.
But that’s not all. Nearly half a billion of those unwanted emails contain some form of malicious content, intended to steal information and harm business operations.
Although email has become synonymous with business communication, it is still one of the least secure channels within businesses.
“With over 427 million malicious emails still reaching inboxes, it’s clear that cybersecurity strategies must evolve to stay ahead of increasingly sophisticated threats,” said Daniel Hofmann, the CEO of Hornetsecurity.
“This data underscores the need for stronger email security coupled with user awareness to keep organizations safe.”
Phishing Remains the Top Email Threat
Email is the cornerstone for communication and relaying important documents among teams. In fact, checking emails is one of the most crucial parts of the workday for many of us.
Unfortunately, the sheer volume of emails can make most of us recoil from even opening the first one. What makes matters worse is a good chunk of these emails are entirely insignificant to our tasks, whether they’re cold emails, promos, or miscellaneous account updates.
But among the worst emails you can receive are phishing emails. These messages not only unnecessarily bloat inboxes, but they also pose a danger to you and your entire organization.
According to Hornetsecurity, phishing remains the most prevalent form of attack, responsible for one-third of all cyberattacks in 2024. After an analysis of more than 55 billion emails, the Hornetsecurity team found that phishing has been a top concern for teams year over year.
There is an upside to this, however. Having this consistency in method of attack can help companies with their cybersecurity strategies. This way, they can know what to prepare for and protect against.
Malicious URLs and advance-fee scams have also emerged as top attack vectors for bad actors to use against companies. Malicious URLs and fee scams were responsible for 22.7% and 6.4% of email cyberattacks, respectively.
Setting up protective measures against the enemy you know is always a smart idea. But remaining equally vigilant can actually set you up for better progress, according to Daniel.
“These findings highlight both progress and new challenges in the fight against cyberthreats. While it’s encouraging to see some consistency in attack methods, for defensive purposes, the shift toward more targeted social engineering tactics means businesses must stay vigilant,” said Daniel.
As technology evolves, so do bad actors. This is what we’re currently seeing in the cybersecurity landscape. For example, AI has made our business processes smarter, but it has also emerged as a tool for hackers to sneak into your files.
Is there anything as consistent as hackers evolving their methods? Unfortunately, a hacker’s methods become more sophisticated each year. But cybersecurity teams can also stay just as agile in their protective measures. I’ll further explore this topic below.
The Bad Actor’s New, Shiny Weapon
Bad actors are constantly upping their game. And adding new, shiny weapons to their ever-evolving arsenal is one way they stay ahead.
According to Hornetsecurity, the use of malicious attachments has decreased over the last year. Instead of using various malicious files, hackers are using social engineering and links to trick users and steal their credentials in an attack called reverse-proxy credential theft.
In reverse-proxy credential theft, cybercriminals use a reverse-proxy server as an intermediary between the user and the web server or website the user is trying to access. The server then redirects the user to fake login pages where the hacker can capture credentials in real time, even bypassing two-factor authentication.
As it happens, social engineering is a key piece of this scheme. Have you ever gotten an email that looked incredibly realistic but you knew something was fishy about it? That is an example of social engineering used by hackers.
Through social engineering, hackers are able to manipulate users into doing their bidding. And adding AI to their arsenal has only made it easier for cybercriminals to create these attacks.
Hackers can use Gen AI to craft more convincing social engineering attacks and do so quickly. AI tools can churn out realistic emails to help hackers persuade employees to click on malicious links and give up their credentials.
Malicious URLs have been the second most common type of attack in 2024. This attack vector was used in 22.7% of all attacks and surged in use in 2023. Evilginx is one example of a tool that has been used to carry out these attacks.
As they say, old habits die hard. Though file use has decreased, cybercriminals haven’t turned away from their old threat tactic. HTML files (20.4%), PDFs (19.2%), and archive files (17.6%) remain the top three file types hackers use to attack users in 2024, as they did in 2023.
How a Zero Trust Mindset Can Shift the Fight
To stop bad actors, you have to beat them at their own game. I’ll use sports as an example. Every sports team knows solely playing defense won’t win them the game — offense is just as important.
Similarly, cybersecurity teams must be proactive in their fight against cyberattacks to protect their home turf. This year, there has been a net decline in attacks compared to 2023, and the threat index has dropped in nearly every industry.
But if we know anything about the cybersecurity landscape, it’s that you never let your guard down.
The Hornetsecurity report shows that every industry is still under attack. Mining, entertainment, and manufacturing have taken the top spots as the most targeted for ransomware attacks and double-extortion scams.
Shipping brands have also run into some trouble, as bad actors continue to impersonate them online. Cybercriminals using phishing scams are targeting customers with schemes that are increasingly similar to real communications from these companies.
The shipping industry isn’t the only one experiencing impersonation attempts. Companies, including Mastercard and Netflix, have also seen notable increases, while DocuSign and Facebook saw double the number of attempts this year compared to 2023.
Companies seeking to protect themselves from attacks can adopt the zero trust mindset. Zero trust is a security strategy that assumes no user or device should be trusted by default.
“In 2025, organizations must prioritize basic security practices and embrace a zero-trust mindset to tackle vulnerabilities head-on and foster a strong security culture. Building a well-defended business isn’t possible without engaging everyone,” said Daniel.
The zero-trust mindset is an all-hands-on-deck approach. It requires enforcing strict identity authentication and authorization for everyone, whether internal or external, to reduce uncertainty and prevent unauthorized access by attackers.
So employees must understand why the company is implementing this strategy. Daniel said that starts with explaining how cybersecurity impacts them personally and why their role is essential to keeping threats at bay.
“This report’s findings should motivate, not deter, organizations from focusing on cybersecurity. By working with trusted vendors, companies can not only protect themselves but also tap into expert knowledge that elevates their overall cybersecurity strategy,” said Daniel.
For more information, including predictions for 2025, you can read Hornetsecurity’s full Cybersecurity Report here.