The importance of email in business communication cannot be overstated. Recently, IBM’s annual Cost of a Data Breach report revealed that 96% of social engineering attacks are delivered via email [1].

Cost of a Data Breach Report: Phishing

From the more than 500 data breaches studied worldwide, spanning different countries and industries, IBM found that the average cost per data breach for an organisation was around R64 million ($4.24 million), which is the highest average total cost in the 17-year history of this report, according to IBM.


“96% of social engineering attacks are delivered via email, and the average cost per data breach for an organisation is around R64 million” — IBM’s Cost of a Data Breach Report, 2021.


Charl Ueckermann, Group CEO of AVeS Cyber International, said that IBM’s report showed how many cyber-attacks originate from email phishing, and stressed that companies need specific prevention measures to protect their email.

AVeS Cyber Security identified six recurring email vulnerabilities in 2021. To improve your email security, here are the six focus areas:

1. Poor Visibility — Tracking and Identifying Risky Rules

Inbox rules are preconfigured rules in your email client (such as Microsoft Outlook) that automatically do something with an email, usually triggered when the email arrives. Users, be they malicious or well-meaning but careless, can create rules that result in harmful incidents, such as:

  • invoice fraud (and other similar scams);
  • data-leakage;
  • espionage; and
  • vandalism.
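As an added example that is not part of the original article, the following Python flags the kinds of risky rules described above (external forwarding, auto-delete, hiding mail in rarely viewed folders, unnamed rules) from an exported rule list. The field names mimic Exchange Online's Get-InboxRule output as an assumption, and the sample rules, addresses and domains are constructed.

```python
"""Flag risky inbox rules in an exported rule list (added illustration).
Field names assume an export shaped like Exchange Online's Get-InboxRule
output; the records, addresses and domains below are constructed samples."""

INTERNAL_DOMAIN = "example.com"  # constructed placeholder for your own domain
# Folders that users rarely open, so mail moved there is effectively hidden.
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history", "archive"}
# Subject words typical of invoice fraud and credential theft.
FRAUD_WORDS = {"invoice", "payment", "bank", "password", "wire", "remittance"}

def _external(addresses: list[str]) -> list[str]:
    """Return the addresses whose domain is not the organisation's own."""
    return [a for a in addresses if a.rsplit("@", 1)[-1].lower() != INTERNAL_DOMAIN]

def assess_rule(rule: dict) -> list[str]:
    """Return the reasons a rule looks risky; an empty list means benign."""
    findings: list[str] = []
    if not rule.get("Enabled", True):
        return findings  # disabled rules do nothing until re-enabled
    if not rule.get("Name", "").strip(". "):
        findings.append("unnamed or dot-named rule, easy to overlook in the rule list")
    ext = _external(rule.get("ForwardTo", []) + rule.get("RedirectTo", []))
    if ext:
        findings.append(f"forwards/redirects mail outside {INTERNAL_DOMAIN}: {', '.join(ext)}")
    if rule.get("DeleteMessage"):
        findings.append("deletes messages automatically")
    folder = (rule.get("MoveToFolder") or "").lower()
    if folder in HIDING_FOLDERS:
        findings.append(f"moves mail to a rarely-viewed folder ({rule['MoveToFolder']})")
    # Keyword filters are only suspicious when combined with hiding or forwarding.
    hits = {w.lower() for w in rule.get("SubjectContainsWords", [])} & FRAUD_WORDS
    if hits and findings:
        findings.append("filters on finance/credential words: " + ", ".join(sorted(hits)))
    return findings

def risky_rules(rules: list[dict]) -> dict[str, list[str]]:
    """Map each risky rule's name to its findings; benign rules are omitted."""
    return {r["Name"]: f for r in rules if (f := assess_rule(r))}

# Constructed sample export: a benign rule, a fraud-style rule, a disabled rule.
SAMPLE_RULES = [
    {"Name": "Newsletters", "Enabled": True, "MoveToFolder": "Newsletters",
     "SubjectContainsWords": ["newsletter"]},
    {"Name": ".", "Enabled": True, "ForwardTo": ["acct@mail-example.net"],
     "DeleteMessage": True, "SubjectContainsWords": ["invoice", "payment"]},
    {"Name": "Old", "Enabled": False, "RedirectTo": ["someone@mail-example.net"]},
]
```

Running `risky_rules(SAMPLE_RULES)` reports only the dot-named rule, with four findings; the same checks can feed an alert when a rule is created (question 1 below).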

2. Accessing Emails Remotely

Once the preserve of a few, remote working was thrust upon us in 2020 and 2021. As a business model, work-from-anywhere requires updated security measures to protect businesses. If no additional layer of user authentication, such as two-factor (2FA) or multi-factor authentication (MFA) (multi-factor being the more secure), is configured on your email platform, attackers can easily gain access to your emails from anywhere in the world once your credentials have been compromised. Shared mailboxes do not need an additional layer of authentication if the users who have access to them have MFA or 2FA enabled.

3. Lack of User Awareness & Training

Employees remain the biggest security vulnerability for email attacks, as they unknowingly open phishing emails, click on malicious links or supply their login credentials to fraudsters.


User awareness programmes should be ongoing and continuously test and train users on how to work with emails securely.


4. Breach of Admin Accounts

In managing and monitoring security configurations, admins often overlook the basics around user privileges on the company’s systems, including email systems. Email systems’ user accounts and permissions need constant attention as people continually join or leave the organisation or change their day-to-day roles. The following issues can occur:

  • too many admins;
  • shared admin privileges or passwords;
  • admin accounts are not linked and centrally managed by one user;
  • clean-ups of old accounts are not managed properly; and
  • admins that require email accounts do not have a separate, non-admin account for their work emails.

If admin accounts are breached, attackers can have full control over your email platform.


5. Misconfiguration

Because users can sign in from practically anywhere, auditing their activities is a necessary security practice, and Microsoft has provided helpful auditing tools across all license bands to give customers better visibility of those activities. Microsoft has comprehensive compliance audit templates for international and industry-specific requirements governing the collection and use of data, such as EU GDPR and ISO/IEC 27701:2019. However, auditing is not switched on by default, so it needs to be actively configured.

6. Lack of Email Security


You cannot rely on the default system configuration of security features since the defaults are generally set to accommodate all kinds of businesses with various security needs.


You will have to identify the security gaps and align them with the organisation’s malware policy. For example, domains can be spoofed, meaning an email appears as if you are sending it from the correct domain while it is actually coming from another, fraudulent domain. If you have not configured SPF, DKIM and DMARC on your email domain, you are an easy target for attackers.
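As an added example (not AVeS’ or Microsoft’s code), the following Python grades SPF and DMARC records for how well they resist the domain spoofing described above, showing a weak pair of records beside a hardened pair. The records and the example.com reporting mailbox are constructed; the code performs no DNS lookups, which a real check would add with a resolver.

```python
"""Grade SPF and DMARC TXT records for spoofing resistance (added illustration)."""
import re

def parse_tags(record: str) -> dict[str, str]:
    """Split a 'tag=value; tag=value' DMARC record into a dict (tags lower-cased)."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def grade_spf(spf: str) -> list[str]:
    """Return weaknesses found in an SPF record; an empty list is acceptable."""
    if not spf.lower().startswith("v=spf1"):
        return ["no SPF record: receivers cannot tell which servers may send as you"]
    match = re.search(r"(?:^|\s)([+\-~?])?all(?:\s|$)", spf, re.IGNORECASE)
    qualifier = (match.group(1) or "+") if match else None  # SPF default is '+'
    advice = {
        None: "no 'all' mechanism: unlisted senders are not rejected",
        "+": "'+all' authorises every sender on the internet to use the domain",
        "?": "'?all' is neutral, which receivers treat much like no SPF at all",
        "~": "'~all' softfail only; pair it with DMARC p=reject to be effective",
    }
    return [advice[qualifier]] if qualifier in advice else []

def grade_dmarc(dmarc: str) -> list[str]:
    """Return weaknesses found in a DMARC record; an empty list is acceptable."""
    tags = parse_tags(dmarc)
    if tags.get("v", "").upper() != "DMARC1":
        return ["no DMARC record: spoofed mail is neither quarantined nor rejected"]
    issues = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        issues.append("p=none only monitors; spoofed mail is still delivered")
    elif policy == "quarantine":
        issues.append("p=quarantine sends spoofs to junk; p=reject blocks them")
    elif policy != "reject":
        issues.append(f"invalid or missing policy tag (p={policy or '?'})")
    if "rua" not in tags:
        issues.append("no rua= address: you receive no aggregate reports of abuse")
    return issues

# Constructed records: a weak pair beside a hardened pair (example.com placeholder).
WEAK_SPF = "v=spf1 include:spf.protection.outlook.com ~all"
WEAK_DMARC = "v=DMARC1; p=none"
STRONG_SPF = "v=spf1 include:spf.protection.outlook.com -all"
STRONG_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
```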

To secure your email environment, here are 7 questions you need to ask your IT Management team:

  1. Have you enabled alerts on your email platform to let you know when a rule on a mailbox is added or when a configuration is changed?
  2. Do you have any procedures in place to manage email admin accounts?
  3. Do you have audit logs enabled on your email platform? (Audit logs are essential for visibility into users’ system-related activities, such as their computer’s IP address when they log into their emails and are crucial to identifying security breaches proactively.)
  4. Have you completed any assessments on your email platform’s security configurations?
  5. Do you have an anti-phishing solution in place that scans your email platform for malicious emails and blocks them?
  6. Do you have any ongoing user awareness training programmes in place for all your email users?
  7. Do you have any additional layer of authentication, like multi-factor authentication, enabled on your email platform?


Over the past 21 years, AVeS Cyber Security has strategically honed its solutions and services to help Southern African businesses future-proof their IT environments against the constantly evolving threat landscape while achieving their digital transformation aspirations.


With a purpose-driven email security strategy in place, organisations can reduce many of the simple mistakes that have huge cyber security consequences, such as insecure email platforms or staff clicking on phishing links received via email.


Ueckermann wants to ensure that companies’ email platforms and their employees don’t become the weakest links in their cyber security. Companies can get cyber security advice, services and assessments by contacting AVeS Cyber Security.



  1. IBM (2021). “Cost of a Data Breach Report”. Retrieved from https://www.ibm.com/security/data-breach

