Enhancements to network security within organizations have made it harder for threat actors to penetrate networks and systems. As a result, people have become the primary target for cyberattacks, with email providing the most effective mechanism for launching these attacks. This leads to all employees within an organization being frequently targeted by phishing attacks.

Cybercrime continues to rise — the 2022 Internet Crime Report produced by the FBI's Internet Crime Complaint Center (IC3) revealed that the number of complaints it receives annually has more than doubled since 2018. The potential loss from cybercrime has also grown significantly – between 2021 and 2022, it rose from $6.9bn to $10.2bn.

According to independent research conducted for the Egress Data Loss Prevention Report, 85% of employees are sending more emails than ever before and 80% of are using email to share sensitive data with clients and colleagues. To ensure users can be productive, Microsoft has continued to evolve Outlook to provide a richer and more integrated email experience for end users, adding functionality like autocomplete, clutter, and message access via the reading pane.

Ransomware attacks target organizations or individuals using malware that takes systems or data hostage until a ransom is paid on the promise that a decryption key will then be sent to the organization. There are two main forms of ransomware, non-encrypting ransomware, and crypto ransomware. Non-encrypting, or screen-locking ransomware, locks victims out of their device entirely and is the least common form of ransomware used by cybercriminals.

OSINT stands for open-source intelligence. It is the collection, analysis, and dissemination of information from publicly available sources, such as social media, government reports, newspapers, and other public documents. OSINT is commonly used by intelligence agencies, private investigators, and law enforcement to gather information about an individual or organization. The OSINT framework showcases the multiple ways in which organizations can gather intelligence.

In recent years, phishing attacks have become increasingly prevalent and sophisticated, posing a significant risk to individuals and organizations alike. In fact, 92% of organizations fell victim to successful phishing attacks in the last 12 months. As cybercriminals continue to exploit human vulnerabilities through social engineering, the impact on employee stress levels is a growing concern that cannot be ignored.

Phishing attacks have been the most persistent and widespread form of cybercrime for decades, but cybercriminals' tactics and methods are continually evolving. In the past, attacks were simpler and easier to spot. However, as technology has advanced, and more people go online, cybercriminals have become more sophisticated in their methods, making their attacks harder to detect.

Ahead of US Tax Day on April 18, 2023, attackers are taking the opportunity to send finance-related phishing attacks. There has been a 164% increase in tax-related phishing emails since February 2023 and a 32% increase versus 2022 levels. Typically in these attacks, cybercriminals attempt to convince victims that they have a tax refund available or have underpaid their taxes, when in reality, the email contains a malicious link or attachment.

Since March 2nd, 2023, intelligence from the Egress Intelligent Email Security platform shows Emotet malware being used within Microsoft OneNote attachments, as cybercriminals evolve their attacks in attempts to avoid detection. Emotet is sophisticated malware primarily used for stealing sensitive information, such as credentials, from the machines it infects.