Managed Service Providers (MSPs) are responsible for ensuring their clients’ security and data protection. To protect a client’s network, an MSP needs the right partners, products, and tools to make its entire process more efficient while still maintaining a high standard of service for its clients. The tools an MSP chooses also affect its return on investment, including the amount of time it takes to respond to incidents, deploy new services, and manage a client’s current infrastructure. MSPs can utilize TitanHQ products in various ways to meet client needs and keep them protected from a range of threats and malware.
Growth in Phishing & Cyber Attacks
Organizations worldwide face an increase in cyber threats as criminal groups leverage new technologies for malicious purposes. Half of the organizations surveyed in the ‘State of email security in 2025’ research experienced between 2 and 4 types of incidents in the last 12 months.
The application of AI for offensive cyber threats has led threat actors to become more successful, prompting organizations to race to counter emerging offensive AI with defensive AI.
In most years, we see continued evolution in the design of new types of attacks and threats, with recent explorations by threat actors focusing on MFA bypass in phishing attacks, new types of BEC attacks, QR code phishing, and early forays into deepfakes. The past year has been no different, with major incidents and data breaches making headlines.
For example (and this is by no means a long or exhaustive list):
- The deepfake video meeting BEC attack against the Hong Kong office of Arup, which resulted in a US$25.6 million loss.
- The account compromise at Snowflake, resulting in many of its largest customers facing data breaches of tens and hundreds of millions of records.
- The data breach at National Public Data compromised 3 billion records from 270 million customers. The firm filed for bankruptcy because the breach's impact was too significant to recover from.
- The data breach at MediSecure, which compromised data on 13 million people in Australia, or around half the population.
Phishing & M365
Office 365 adoption is widespread, particularly among small to medium-sized businesses (SMBs). However, margins on 365 licenses alone are razor thin. To turn Office 365 from a break-even offer into a profit driver, MSPs must bundle complementary security solutions.
Protecting your customers' Office 365
Microsoft offers basic security, but it often falls short of SMB needs. In March 2025, TitanHQ, in conjunction with Osterman Research, conducted original research involving over 200 IT professionals; all respondents were using M365 as their primary cloud email platform.
The breakdown by plan is:
- Microsoft 365 (E3) 29%
- Microsoft 365 (E5) 58.70%
- Microsoft 365 (a plan other than E3 or E5) 12.30%
One in five organizations lost money through a business email compromise attack over the previous 12 months. Half of the organizations experienced between 2 and 4 types of incidents.
Supplementing M365 Security
With native M365 integration, the TitanHQ standard plan provides 360-degree email and phishing protection, protecting users before, during, and after an email reaches the inbox. It automatically removes threats, with in-depth analysis and real-time alerts.
With TitanHQ, MSPs can stay ahead of email threats with two layers of email protection: MX filtering and ICES. The standard plan provides email perimeter and mailbox protection simultaneously. Our seamless M365 integration delivers 360-degree email protection, ensuring proactive defense against phishing, malware, and evolving threats.

Identifying Current and Future Threats
Monitoring solutions are key to an MSP’s success. Proactive cybersecurity is the current strategy supported by the NIST (National Institute of Standards and Technology) framework, and it’s a proven solution for reducing risk and loss of revenue from a targeted threat. MSPs have the unique responsibility of supporting several clients, not just a single company. Internal administrators are only required to defend a single entity with a known infrastructure setup; an MSP, however, needs to protect multiple businesses that may have completely disparate network resources. In other words, the MSP requires a solution that monitors multiple platforms, which may be configured differently from one another.
To identify threats, the MSP must deploy monitoring solutions that can proactively detect and mitigate them. Real-time analysis using artificial intelligence (AI) is also crucial for detecting ongoing threats and potential zero-day exploits. By utilizing the right real-time monitoring systems, an MSP can automatically stop a threat before it causes damage, rather than reactively responding to cyber events and damage already incurred. In the end, it saves money for the MSP’s client.


Detect and Help Train Employees to Identify Phishing Attempts
Email-based threats are among the most common methods by which attackers compromise business systems. Whether it’s stealing credentials, installing malware on a local device, or executing ransomware on a network, email is one of the most common vectors for cyberattacks. Phishing protection is essential for any Managed Service Provider (MSP) to prevent threats from reaching a targeted user’s inbox. TitanHQ offers advanced email security solutions specifically designed for MSPs. These solutions block threats, educate users on detecting phishing attacks, and maintain an archive of emails should the MSP need to investigate during incident response.
Training users is a proven way to stop phishing. Any MSP conducting a thorough assessment of their client’s current network security should also determine if employees need training. Training is especially important for users with high-level privileges on the network to prevent them from being targeted by spear phishing. Spear phishing is a type of phishing attack that creates sophisticated emails targeting users in financial, human resources, or executive departments within an organization.
Employees need training that empowers them to detect sophisticated phishing emails. Training should involve simulations where a phishing email goes out to all employees. The training email typically includes a link to a site that requests sensitive data. The simulation software detects when a user opens the email, clicks the link, and divulges sensitive data such as their network credentials. The simulation software then displays statistics to stakeholders, allowing them to determine whether additional training is needed for specific employees.
Why BEC and Phishing Attacks Need to Be a Priority for MSPs
Business Email Compromise (BEC) scams have been called the “$55 million scam” by the FBI. For any business, BEC scams are a significant concern. This attack is highly focused on financial theft and is increasingly successful. For example, the Health Sector Cybersecurity Coordination Center (HC3) has identified BEC as one of the most financially damaging threats in the healthcare sector. Notably, small to medium-sized companies and MSPs are not exempt; a recent study from TitanHQ and Osterman Research found that over 1 in 5 MSPs (21.6%) lost money to BEC attacks in the last 12 months (research completed March 2025). The study concludes that “BEC attacks represent a major threat for organizations.”
BEC attacks may be a favorite of cybercriminals, but there are ways to prevent this costly crime.
Overview of a BEC scam: it’s all about trust and timing
Understanding the dynamics of a BEC scam is essential for developing methods to protect a business from an attack. There are various types of BEC scams with financial targets focusing on invoices, gift cards, and bank transfers. However, one thing is certain: BEC scams are evolving in response to technological and cultural changes.
The Osterman study found the following trends in BEC scams:
- BEC attackers are focusing on targeting specific individuals rather than deploying mass phishing attacks.
- BEC phishing is sophisticated and carefully composed. It avoids typical phishing tricks, such as malicious links, to evade detection by Secure Email Gateways (SEGs). Additionally, SEGs are unable to utilize geolocation data, which is crucial in identifying sophisticated threats like BEC.
- A lack of expected phishing signals has meant that conventional secure email gateways (SEGs) are unable to defend against BEC attacks. The Osterman research found that Exchange Online Protection (EOP) in Microsoft 365 was unable to identify BEC attacks, incorrectly classifying them as “clean.”
BEC scammers are creating campaigns that are bucking the trends seen in previous untargeted mass phishing attacks. Modern BEC campaigns are more dynamic and real-time, using multiple channels to confuse and obfuscate intent. AI is being used to modify and adapt campaigns, thereby evading detection by conventional methods of protection.
Phishing Protection for MSPs and their clients
Security experts recommend using a mix of Human Risk Management (HRM) and AI-powered email security tools. This recommended approach includes the following measures:
- AI-powered security solutions: Tools that use AI can adapt to new attack methods.
- AI that provides automated incident response.
- Highly personalized security awareness training: Utilize AI to create targeted phishing campaigns tailored to individual employee behavior.
- Automated creation of threat reports for review or investigation.
- Establish baseline standard communication patterns for every employee. AI can then look for anomalies in these patterns to identify even sophisticated, non-standard BEC attacks.
Every year, malware authors modify their code to bypass current cybersecurity defenses. Still, one thing remains constant: phishing emails continue to be an effective way to initiate a credential theft campaign. Employees remain the most significant vulnerability and threat to data. In a phishing campaign aimed at 100 employees, only one employee needs to fall victim to it. Once an employee divulges their credentials, data is at risk. At worst, an attacker gains access to network resources and installs backdoors and malware.
Training employees to recognize the warning signs of a phishing campaign is a proven way to prevent them from becoming victims. Simulated training is best, so MSPs should work with applications and vendors that perform attacks in the same way as a real-world campaign. Any URLs can point to a web page where an MSP can gather statistics to identify which employees clicked the link and determine if any employees entered their credentials. This practice helps improve education so that training can be directed at the biggest human errors.
Choosing the Right Platform for Security Awareness Training (SAT)
The human element is undoubtedly the weak link in any cybersecurity equation. This is why security awareness is crucial for safeguarding organizations from phishing scams.
When selecting a SAT platform to support your customers and mitigate security threats, prioritize the following features:
- Cloud-Based Flexibility: A cloud-delivered SAT platform provides scalable, flexible, and easily trackable training across your organization.
- Engaging, Gamified Content: Interactive and gamified training keeps employees engaged and encourages participation. Content that resonates with learners leads to better retention and improved security outcomes.
- Customized Learning Paths: Effective training is not one-size-fits-all. Look for platforms that allow you to tailor content to specific roles and regional risks within your organization.
- Centralized Reporting & Metrics: Track progress and assess the impact of training with comprehensive reporting tools. Utilize insights to continually refine and optimize your program.
- MSP-Friendly Solutions: Select a SAT platform that facilitates seamless MSP delivery.
- Designed for a Dispersed Workforce: Human-centric security threats are particularly challenging for remote and hybrid teams. The right SAT platform should be built to address these unique challenges through thoughtful content and delivery methods.
TitanHQ Security Awareness Training is built for organizations with a dispersed workforce. It has been proven to reduce phishing susceptibility by up to 92%.
Using Phishing Simulations
Awareness alone won’t guarantee that employees will be fully prepared and able to identify and avoid phishing attacks. To that end, reinforcement is key, and demonstrating real-world scenarios is one of the most effective methods for it.
Phishing simulation services involve sending simulated phishing emails to employees as a test. If an employee falls for the simulated email, they will receive additional training on how to identify phishing scams in the future.
MSPs can utilize specialized tools or services to manage these simulations, which include tracking and reporting features. This is where TitanHQ security awareness training helps MSPs provide phishing simulations and security awareness training simultaneously.
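The tracking and reporting described here and in the earlier training sections (opens, clicks, credential submissions, follow-up training) can be reduced to per-user results as in the added example below, which is not TitanHQ code. The event names, the sample events and the privileged-user set are constructed assumptions.

```python
from collections import Counter

# Stages in order of severity; reaching a later stage implies the earlier ones.
STAGES = ["delivered", "opened", "clicked", "submitted"]
RANK = {s: i for i, s in enumerate(STAGES)}

# Constructed sample events from one simulated campaign: (user, stage).
# bob has a click but no "opened" event (mail clients that block remote
# images hide opens), and carol's click was logged twice.
EVENTS = [
    ("alice", "delivered"), ("alice", "opened"),
    ("bob", "delivered"), ("bob", "clicked"),
    ("carol", "delivered"), ("carol", "opened"), ("carol", "clicked"),
    ("carol", "clicked"), ("carol", "submitted"),
    ("dave", "delivered"),
]
# Hypothetical set of accounts with high-level privileges.
PRIVILEGED = {"carol"}


def deepest_stage(events):
    """Map each user to the most severe stage they reached."""
    worst = {}
    for user, stage in events:
        if stage not in RANK:
            continue  # ignore unknown event types instead of failing
        if user not in worst or RANK[stage] > RANK[worst[user]]:
            worst[user] = stage
    return worst


def funnel(worst):
    """Rate per stage; a user counts for every stage up to their deepest one."""
    total = len(worst)
    reached = Counter()
    for stage in worst.values():
        for s in STAGES[: RANK[stage] + 1]:
            reached[s] += 1
    return {s: reached[s] / total for s in STAGES} if total else {}


def needs_training(worst, privileged=PRIVILEGED):
    """Users who clicked or submitted; privileged accounts first, then submitters."""
    failed = [u for u, s in worst.items() if RANK[s] >= RANK["clicked"]]
    return sorted(failed, key=lambda u: (u not in privileged, -RANK[worst[u]], u))


if __name__ == "__main__":
    worst = deepest_stage(EVENTS)
    print(funnel(worst))
    print(needs_training(worst))
```

Counting by deepest stage rather than by raw events keeps duplicate clicks from inflating the click rate and keeps users with blocked open tracking in the open rate.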
MSPs must be prepared to address the surge of AI-assisted phishing campaigns anticipated over the next 12 months. Defensive AI offers the most significant potential boost to email security. The TitanHQ cybersecurity platform is designed with MSPs in mind, providing the next generation of email security to ensure that your customers receive the best possible protection and that you have the optimal solution.

Geraldine Hunt
