1. SOLUTIONS /
  2. 13 THREAT TYPES

Protect against all 13 email threat types.

Email is the leading source of cyber-threats. Find out which ones your business is exposed to.

13 email threat types you need to know about

As email threats evolve and multiply, keeping track of them all — and staying protected against the many different types — becomes a complex challenge. Today, that requires more than just the traditional email gateway solution that used to be good enough.

Barracuda can help. Our research, based on real-time threat intelligence collected from more than 200,000 collection points around the globe, has resulted in the identification of 13 key types of email threats. Once you understand the nature and characteristics of these 13 threat types, you’ll be far better prepared to build the best protection for your business, data, and people.

91% of cyber attacks start with an email.

Domain Impersonation

Domain impersonation is a high-impact attack where cybercriminals attempt to impersonate a domain by using techniques such as typosquatting. It’s often used as part of a conversation hijacking attack as it can be easy to miss the subtle differences between a legitimate email domain and an impersonated email domain.

Less Complex

1

Spam

2

Malware

3

Data Exfiltration

4

URL Phishing

5

Scamming

6

Spear Phishing

7

Domain Impersonation

8

Brand Impersonation

9

Extortion

10

Business Email Compromise

11

Conversation Hijacking

12

Lateral Phishing

13

Account Takeover

More Complex

Spam costs businesses about $20 billion per year. It lowers productivity by flooding inboxes with junk mail and impacts mail servers’ ability to process messages. Spam can be used to distribute malware and in large-scale phishing attacks.
94 percent of malware is delivered via email. Cybercriminals use email to deliver documents containing malicious code or URLs that point to websites intended to trick users into clicking to download malware. Common types of malware include viruses, Trojans, spyware, worms and ransomware.
Data exfiltration is the unauthorized transfer of data from a computer or other device. In addition to malicious attacks, data is frequently exfiltrated accidently due to human error. The average total cost of a data breach was $3.92 million in 2019.
About 32 percent of breaches involve phishing, and many phishing attacks include malicious links to fake websites. The use of URL phishing emails is popular and effective. However, only 57 percent of organizations have URL protection in place.
Scamming accounts for 39 percent of all spear-phishing attacks. Cybercriminals use fraudulent schemes to defraud victims or steal their identity by tricking them into disclosing personal information. Examples of scamming include fake job postings, investment opportunities, inheritance notifications, lottery prizes, and fund transfers.
Spear phishing is a highly personalized form of email phishing attack that leverages social engineering tactics. 43 percent of organizations said they had been victims of spear-phishing attacks, but only 23 percent have dedicated spear-phishing protection in place.
Domain impersonation is a high-impact attack where cybercriminals attempt to impersonate a domain by using techniques such as typosquatting. It’s often used as part of a conversation hijacking attack as it can be easy to miss the subtle differences between a legitimate email domain and an impersonated email domain.
Brand impersonation is intended to impersonate a company or a brand to trick customers into responding and disclosing sensitive information. Service impersonations—attacks that impersonate well-known brands—account for about 47 percent of all spear-phishing attacks.
Blackmail makes up around 7 percent of spear-phishing attacks, but the cost of extortion attacks including blackmail was more than $107 million in 2019. Hackers threaten to release compromising materials unless their victims pay up.
Also known as CEO fraud or wire-transfer fraud, BEC attacks are used to impersonate an employee in the organization in order to defraud the company. While BEC attacks make up only 7 percent of all spear-phishing attacks, it caused more than $1.7 billion in losses in 2019 alone.
Cybercriminals insert themselves into existing business conversations to steal money or personal information. While the volume of conversation hijacking attacks is low compared to other types of phishing attacks, they are very personalized, making them effective, hard to detect, and costly.
Attackers use recently hijacked accounts to send fraudulent and phishing emails to unsuspecting recipients within the organization. In a recent study, researchers found that 1 in 7 organizations have experienced a lateral phishing attack.
A recent analysis of account takeover attacks found that 29 percent of organizations had their Microsoft Office 365 account compromised by hackers in one month. More than 1.5 million malicious and spam emails were sent from these hacked Office 365 accounts over a 30-day period.

For a thorough explanation of all of these threat types, download our new e-book, “13 email threat types to know about right now.”

GET THE FREE E-BOOK

Instant download. No form required.

How to build effective protection against all 13 threat types

Traditional email gateways are still a critical part of your security infrastructure. But to protect against all 13 email threat types, you also need a newer type of solution:
API-based inbox defense.

Unlike gateway solutions that use signature-matching and payload analysis to prevent threats from arriving to your inbox, API-based inbox defense solutions use historical communication data to spot anomalous emails that evade the gateway and land in users’ inboxes. Malicious emails are removed instantaneously.

Threat Type Barracuda
(Email gateway + API-based inbox defense) 		Email gateway-only solutions
Spam
Malware
Data exfiltration
URL phishing
Lateral phishing
Spear phishing
Brand Impersonation
Domain Impersonation
Business email compromise
Scamming
Extortion*
Account takeover
Conversation hijacking
Strongest protection     Some protection     Insufficient protection

Think beyond the gateway to protect against all 13 threat types.

To protect your organization from socially engineered attacks, you need an additional layer of defense beyond your gateway solution: API-based inbox defense.

Inbox defense relies on APIs to integrate directly with your users’ inboxes. This integration provides visibility into both historical and internal email communication for every individual in the organization. Communication data is used to train artificial intelligence (AI) to create a statistical model or an identity graph for each user that reflects their communication patterns.

Using historical data the model will define users’ regular email addresses, individuals they communicate with, the type of requests they make, and many other behaviors. When something abnormal happens that is outside of an individual’s identity graph, AI instantly flags it as malicious and removes it from the user’s inbox.

Identity graph

Contacts and relationships

Usual email contacts (e.g. colleagues or external partners) for an individual based on historical email communication data.

!

Contacts and relationships

Document types

Document types usually shared by an individual based on historical email communication data.
!

Document types

Email Addresses

Usual email addresses used by an individual based on historical email communication data.

!

Email Addresses

Location

Usual login locations for an individual account owner based on historical email communication data.

!

Location

Names used

Common variations of names used by an individual based on historical email communication data.
!

Names used

Sentiment Analysis

Sentiment analysis of language used, and content of email based on historical email communication data.
!

Sentiment Analysis

Types of requests

Usual types of requests made by an individual based on historical email communication data. (e.g. does individual make wire transfer requests)
!

Types of requests

Identity Graph

!

Type of request

Usual types of requests made by an individual based on historical email communication data. (e.g. does individual make wire transfer requests?)

!

Names used

Common variations of names used by an individual based on historical email communication data.

!

Location

Common variations of names used by an individual based on historical email communication data.

!

Contacts and relationships

Common variations of names used by an individual based on historical email communication data.

!

Sentiment analysis

Sentiment analysis of language used, and content of email based on historical email communication data.

!

Document types

Common variations of names used by an individual based on historical email communication data.

!

Email addresses

Common variations of names used by an individual based on historical email communication data.

Identity Graph

Type of request

Usual types of requests made by an individual based on historical email communication data. (e.g. does individual make wire transfer requests?)

Contacts and relationships

Common variations of names used by an individual based on historical email communication data.

Sentiment analysis

Sentiment analysis of language used, and content of email based on historical email communication data.

Names used

Common variations of names used by an individual based on historical email communication data.

Location

Common variations of names used by an individual based on historical email communication data.

Email addresses

Common variations of names used by an individual based on historical email communication data.

Document types

Common variations of names used by an individual based on historical email communication data.

“Barracuda solutions offer a lot of value. They make it easy to protect our organization against advanced email threats like account takeover and to deal with incidents effectively. Barracuda helped tighten up our email security posture.”

The Salvation Army

Barracuda Email Protection

Barracuda Email Protection multi-layered approach combines a secure email gateway, AI-powered fraud protection, advanced security awareness training and automated incident response. This results in comprehensive protection against all email threats from spam and malware to business email compromise and account takeover.

Explore This Product

Discover threats hiding in your inbox right now
with the free Barracuda Email Threat Scanner.

98% of organizations with Office 365 harbor malicious emails inside their mailbox.* Discover email threats before your users do.

16,000+ organizations

have used the scanner to discover 12 million threats hiding in their mailboxes. Get your free scan now. It's fast, safe, and has no impact on your email performances. Barracuda Forensics and Incident Response can be used to remediate within minutes.

Get my free scan

*Organizations with 100+ mailboxes

“Barracuda is the only vendor in the market today that provides all four layers of email protection: secure email gateway, inbox defense, security awareness training and automated incident response.”

SC Magazine Award: Best Email Security Solution