National Email Week serves as a timely reminder of the vital role email plays in business communication and the significant risks that come with it. Email’s accessibility and widespread use make it one of the most popular mediums for hacking into company networks and wreaking havoc.
Understanding the depth of these threats through key statistics can help organizations build stronger defenses.
Here are some essential insights into the current state of email security.
BEC is a type of scam where perpetrators impersonate trusted parties, including company executives or suppliers, to convince employees to transfer money or hand over confidential details.
A typical example involves a finance department receiving an urgent email that appears to come from a vendor requesting payment to a new bank account. Without a verification process, the company transfers a large sum, only to find later the request was fraudulent. Such attacks can stall operations as the company investigates and tries to recover lost funds, while also eroding trust with legitimate partners.
These attacks have become widespread, with reports coming from every corner of the United States and nearly 190 countries worldwide. Since 2013, over 305,000 BEC incidents have been documented globally, with reported losses exceeding $55 billion.
Phishing is a form of cyberattack where malicious emails are disguised as legitimate messages, aiming to trick recipients into clicking harmful links or providing personal information.
The constant bombardment of these deceptive emails increases the risk — so much so that even the most cautious employee might mistakenly engage with a threat, which can lead to network infections or data breaches. Throughout 2024, phishing incidents climbed steadily. In the last quarter alone, over 980,000 phishing emails were detected, showing an upward trend compared to previous quarters.
Technology can block many threats, but human error continues to expose organizations to risk. Human error, such as misconfigured email accounts, weak passwords, or responding to suspicious messages, play a role in 68% of security breaches. Attackers often exploit natural behaviors such as trusting authority figures or reacting to urgent demands to bypass defenses.
Between late 2024 and early 2025, phishing emails increased by over 17%, with more than 80% of these messages using AI. These AI-driven emails exhibit highly realistic language, closely mimicking human writing styles and tone, which makes spotting them even more challenging.
Unlike traditional phishing attempts riddled with spelling or grammatical errors, AI-crafted messages can fool recipients by adapting content to individual targets, increasing the effectiveness of attacks.
Addressing these growing threats calls for a combination of human and technological safeguards.
Protecting your business starts with a secure email system and employee education. If your business lacks these measures, now is the time to contact Interplay IT. As your dedicated managed security services provider, we can holistically protect your business from a wide range of email threats.