Companies and individuals exchange over 300 billion e-mails every day. The importance and necessity of the use of e-mail in the working environment often leads to ignoring and underestimating the risks involved in its use. 

The email represents a technology not easy to protect and, consequently, can be subject to violations, alterations and manipulations

According to recent research by Chubb, over the five-year period 2016-2020, cybercriminals have Stolen more than $28 billion through e-mail fraud. The average economic damage of a cyber attack is $150,000.


Email hacking schemes are constantly evolving. In the past, e-mail attacks took the form of sending malicious links with attached viruses. 

Today, cybercriminals use more refined techniques than in the past.

No more attachments or files that would be easily detected by malware scanners.  These are now social engineering attacks, aimed at altering the identity of a sender, intercepting important messages and sending fake, apparently authentic content. 

These attacks can easily breach a company's security defences. 

"With the high level of deception and manipulation involved in these attacks, email security requires a zero-trust approach."said the researchers. "For example, an email from your bank requesting payment information or login credentials should be considered suspicious until the information can be independently verified through another channel, such as a direct phone call.".

Companies that are victims of e-mail compromise must act quickly: "Given the motivation and ingenuity of cybercriminals, organisations should bear in mind that these frauds continue to increase as criminals adapt to the countermeasures implemented to counter them."concludes the report. 

A careful analysis of the procedures used to verify electronically received information and an up-to-date cyber defence are essential requirements that an organisation must implement in order to counter social engineering fraud.

Cyber criminals will continue to act until companies adopt appropriate procedures to eliminate internal security vulnerabilities.

The only way to defend yourself, especially if you have a small or medium-sized business, is to prevent cyber attacks by identifying and eliminating your company's weaknesses.


Download Free Guide

In our guide you will learn how to secure a small or medium-sized business, from an IT point of view, and how to protect yourself from attacks on the internet.

Related items

Poste Italiane and Cyberangels: A Collaboration for Italy's Digital Future

The Hero versus the Villain: how SMEs can avoid cybersecurity mistakes in web application development

This is the story of one of our clients, a small consulting company in the pharmaceutical sector, and how it ran into difficulties after developing a web application to provide technical services to its customers

The importance of supplier cyber risk management in the NIS2 era

The implementation of the NIS2 Directive is now live -and it will have a strong impact on how companies manage supplier risk in the coming years.

Your company finally protected and secure.

We offer protection and insurance tailored to your company and your level of risk.
Registration free of charge.

Contact us for more information