Cybersecurity blog

The Email Security Wake-Up Call: 79% of Orgs Faced a Cyber Incident Last Year

Explore the critical importance of robust email security in 2025.

Get Started
Speak to an Expert

Geraldine Hunt

A layered cybersecurity approach used to be enough to stop most cyberattacks but that’s changed. AI has introduced new threats and shifted the landscape. Recent research carried out by TitanHQ and analyst firm Osterman Research has found that even with a layer of security on top of Microsoft 365, 79% of companies are still experiencing cyber incidents.

Across the board, companies are dealing with damaging cyberattacks that stall business operations, cost enormous sums of money, and damage reputations. Cyber incidents are costly on many levels. The layered approach to cybersecurity has changed. MSPs and SMBs need to adjust their approach to email-borne cyber threats.

Why Email is like an Open Front Door for Cyberattackers

Threats come into a business from multiple angles, but email remains the number one entry point. Attackers continue to use email to enter the company digital front door with changing tactics and new ways of evading detection. Almost all respondents to the Osterman Research survey (93%) identified email as an area of evolving threats that requires constant vigilance and up-to-date solutions.

Email is at the heart of communications. Attackers use this channel to connect directly with a target, manipulating their behavior to gain broader network access. Even basic access level entry is enough to begin more complex, multi-part attacks. As such, email has become the most essential part of the enterprise to protect.

Osterman researchers noted respondents experiencing scenarios like this:

“The malicious actors were observed manipulating several Microsoft 365 organization tenants (both new and compromised), establishing administrative accounts, creating full-text messages impersonating Microsoft transaction notifications, generating a billing by initiating a purchase or trial subscription event, and then using Microsoft 365 infrastructure to send phishing emails.“

Emails provide the way into an organization, allowing attackers to use this initial intrusion to escalate the incursion into a full-blown cyberattack. The research findings show that the following five types of threats rely on exploiting the email system to enter the network:

BEC Attacks

Business Email Compromise uses email to impersonate C-Level executives and manipulate employees into paying fake invoices. Multiple types of BEC attacks include gift card scams, invoice fraud, and payroll diversion. The cost to businesses is vast, with estimates from the FBI coming in at an average of $137,132 per incident. Over half of respondents expect BEC attacks to continue to increase in 2025.

Phishing

Phishing and email are synonymous, although other channels like SMS text and mobile messaging apps are seeing a surge in phishing. Osterman's research shows that around one-third (32.3%) of respondents had login credentials compromised due to a phishing attack. MSPs are also threatened by phishing, with almost one-quarter (23.5%) of MSP customers login credentials to cyber criminals after being phished. Notably, the research shows that almost two-thirds of respondents expect phishing to increase in intensity in the next 12 months.

QR Code Phishing

QR Code phishing, or "Quishing," is a variant of phishing that relies on tricking a user into accessing a spoof website via a QR code. The study shows that this tactic is now the fourth most common attack method used to steal login credentials: 1 in 5 organizations experienced at least one QR-code-related login credential theft in 2024.

Generative AI

Generative AI has hit the world like a raging storm. The technology has also offered cybercriminals new methods, changing attack tactics and creating more sophisticated methodologies to manipulate individuals. Offensive AI has allowed cybercriminals to increase attack volumes and feed services like Phishing-as-a-Service (PaaS) and Malware-as-a-Service (MaaS) with ever-more persuasive and evasive options. The researchers found that 61.5% of respondents expect generative AI to increase threat levels and make the attacks more difficult to identify.

Deepfakes

Deepfakes may conjure up images of spoofed videos of celebrities on social media, but deepfakes are rapidly becoming a weapon of choice for cybercriminals. AI is used to create spoof images, voice, and video to trick employees into performing tasks that benefit cybercriminals. Research findings show that 1 in 9 respondents experienced at least one incident involving deepfake techniques as part of the exploit.

Why the Layered Approach to Security Needs to be Smarter

In all the examples above, a single email-borne incident can spiral into multiple threats. 98% of companies use layered security to prevent email as the single point of malicious entry. But 78% still experience cyber incidents, and half experience 2-4 incidents yearly. Clearly, layering on additional security is not working. MFA is one such layer that is part of accepted security wisdom. However, MFA is no longer a guarantee of protection. In recent years, multiple MFA workarounds have been seen, breaking the protection to the point where MFA cannot be relied upon. Respondents to the survey demonstrate this, with almost one-fifth of companies (18.9%) and one-fifth of MSP customers (17.5%) having credentials compromised, even though they had MFA in place.

Cybercriminals are becoming smarter, using AI to assist in their efforts, developing clever evasive tactics, and finding security workarounds to security layers.

Layered security needs to smarten up. If cybercriminals are weaponizing AI, organizations need to follow suit and use AI defensively. Smart layered security is not about more tools; it's about choosing the right ones—smart tools that can close the detection and response gaps that other solutions miss.

The Pressure Grows on MSPs to Proactively Protect Clients

MSPs are at the forefront of this explosion in cyberattack incidents accelerated by AI, clever evasive techniques, and security workarounds. The Osterman research included MSP respondents. The research shows that MSPs are dealing with the same threat volumes and types but at a higher level; 90% of MSPs said they had customers who were compromised by at least one type of incident over the previous 12 months.

MSPs are in a highly competitive space. They must prove that they have the right tools in place to protect their customers from email-borne threats.

Essential Steps to Strengthening your Email Defenses

"This research makes it clear that smaller businesses (with fewer than 1,000 employees) and MSPs need to strengthen their email security protections - as AI-enabled attacks increase and the threat level of a whole set of email threats intensifies." - Osterman Research

Your email defences are dependent on both humans and technology:

Human Risk Management (HRM)

Osterman concludes that “Human Risk Management” is at the core of controlling this AI-assisted wave of cyberattacks. HRM is a data-driven approach to mitigating risk and improving security posture. HRM goes beyond simple recognition of phishing. It is about creating a culture within an organization where employees are threat-aware, security-competent, and can identify cyberthreats “anywhere, anytime, any channel.” The associated security awareness training implemented by an organization MUST be HRM-ready.

AI-enabled email security

Fighting AI with AI is the new layered approach to security. AI-enabled email security solutions can handle the evolving threats brought into the company via email. Technologies like PhishShield use advanced AI technologies, such as Natural Language Processing (NLP) and machine learning to spot AI-assisted cyberattacks. AI is powering email-borne cyberattacks, but AI can be used to fight back. However, it must be used in combination with security awareness training and phishing simulations to close off all avenues as cybercriminals continue to evolve new and more evasive tactics.

Enhancing email security is key to stopping modern threats like phishing, BEC, AI-generated attacks, and deepfakes. Cybercriminals are using AI to scale and evolve their attacks. With TitanHQ email security and the underlying PhishShield functionality, you’re not just reacting you’re ready to block these attacks.

With SpamTitan and PhishTitan working together, you are protected before, during, and after the email's journey to the inbox. It’s the perfect combination to give you total email protection.

Curious how TitanHQ can stop threats like phishing, BEC, AI-generated attacks, and deepfakes? Get a free demo and see it in action.

Talk to our Team today

Get Started
Speak to an Expert

PhishTitan

SpamTitan

TitanHQ SAT

WebTitan

ArcTitan

EncryptTitan

Managed Service Providers

Education - K12 Schools

Financial Services

SMBs

Hotels - Wifi

Guest WiFi

Employee Phishing Training

Phishing Simulation Tool

Anti-Phishing Filter

Data Leak Prevention

Cisco Umbrella Alternative

Barracuda Essentials Alternative

DNSFilter Alternative

Mimecast Alternative

Microsoft EOA Alternative

About

Testimonials and Case Studies

Careers

Branding

Events

MSP Partners