Latest news with #emailsecurity
National Post
a day ago
- Business
- National Post
IRONSCALES Named to Inc. 5000 List of America's Fastest-Growing Private Companies for Fifth Consecutive Year
Article content ATLANTA — IRONSCALES, the AI-powered email security leader protecting more than 17,000 global organizations from advanced phishing attacks, today announced its inclusion in the 2025 Inc. 5000 list, the most prestigious ranking of the fastest-growing private companies in America. Article content Five Years of Consistent Growth and Market Leadership Article content This marks the fifth consecutive year IRONSCALES has been honored on the Inc. 5000 — underscoring the company's sustained growth, market leadership, and commitment to innovation. In the last year, IRONSCALES has grown by an additional 2,000 customers and partners. Notable partnerships include integrations with CrowdStrike, and strategic alliances with Concentrix and Malwarebytes. Article content 'We're honored to make the Inc. 5000 for the fifth straight year,' said Eyal Benishti, CEO of IRONSCALES. 'This milestone reflects our team's relentless drive and our customers' trust in us to protect them against advanced email threats. It further strengthens our resolve to deliver AI-powered, human-centered security solutions that keep organizations ahead of sophisticated attacks.' Article content Driving Innovation in Email Security Article content Email phishing remains one of the most pervasive cyber threats, with more than 3 billion phishing emails sent daily, leading to costly breaches. The IRONSCALES platform uniquely combines adaptive AI and human insights to detect, respond to, and mitigate threats such as business email compromise, account takeover, deepfakes, and other advanced social engineering tactics for enterprises and managed service providers. Article content Over the past year, IRONSCALES has delivered a series of industry-first innovations, including: Article content Zero-Touch, Autonomous Email Security – Delivers fully automated threat detection and remediation, eliminating time-intensive manual reviews and reducing operational burdens for the security team. Real-Time Deepfake Defense – Provides the industry's first solution to combat phishing 3.0 attacks with deepfake protection. DMARC Management for Outbound Security and Authentication – Simplifies and automates the setup and monitoring of DMARC, SPF, and DKIM, giving organizations critical tools to defend against domain spoofing while improving email deliverability. Adaptive AI SPAM Hygiene – Learns and adapts in real time to block unwanted emails effectively. Article content This rapid cadence of innovation has solidified IRONSCALES leadership in the AI-enabled email security market, earning recognition such as Visionary in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms and Best ROI in G2's Summer 2025 Awards. Article content About IRONSCALES Article content IRONSCALES is the leader in AI-powered email security protecting over 17,000 global organizations from advanced phishing threats. As the pioneer of adaptive AI, we detect and remediate attacks like business email compromise (BEC), account takeovers (ATO), and zero-days that other solutions miss. By combining the power of AI and continuous human insights, we safeguard inboxes, unburden IT teams, and turn employees into a vital part of cyber defense across enterprises and managed service providers. IRONSCALES is headquartered in Atlanta, Georgia. To learn more, visit or follow us on LinkedIn. Article content About Inc. Article content Inc. is the leading media brand and playbook for the entrepreneurs and business leaders shaping our future. Through its journalism, Inc. aims to inform, educate, and elevate the profile of its community: the risk-takers, the innovators, and the ultra-driven go-getters who are creating the future of business. Inc. is published by Mansueto Ventures LLC, along with fellow leading business publication Fast Company. For more information, visit Article content Methodology Article content Companies on the 2025 Inc. 5000 are ranked according to percentage revenue growth from 2021 to 2024. To qualify, companies must have been founded and generating revenue by March 31, 2021. They must be U.S.-based, privately held, for-profit, and independent—not subsidiaries or divisions of other companies—as of December 31, 2024. (Since then, some on the list may have gone public or been acquired.) The minimum revenue required for 2021 is $100,000; the minimum for 2024 is $2 million. As always, Inc. reserves the right to decline applicants for subjective reasons. For the full list, company profiles, and a searchable database by industry and location, visit: Article content Article content Article content Contacts Article content Media Contact: Article content Article content Article content Article content
Forbes
16-07-2025
- Forbes
Delete Any Emails On Your Phone Or PC That Include These Images
These images are dangerous. Here we go again. There's a fast growing threat in your inbox that's hard to detect — even for security software on your PC. This has 'seemingly come out of nowhere,' but you need to be aware. And it means deleting a raft of incoming emails. The new warning comes courtesy of Ontinue, which says 'threat actors are increasingly leveraging Scalable Vector Graphics (SVG) files as a delivery vector for JavaScript-based redirect attacks.' Plenty of these images, 'commonly treated as harmless' contain 'embedded script elements' that lead to browser redirects. And that's a huge risk. While these images might be .SVG attachments, as we have seen before, they could also be links to external images pulled into the email. And the campaign also relies on spoofed domains and email lures to trick users into opening and engaging. VIPRE warns that 'up until this point, SVGs have been recognized by email security tools as generally benign image files, which is why attackers are now having so much success hiding their nefarious exploits in them.' Looking at this latest warning, SlashNext's J Stephen Kowski told me 'when you open or preview these 'images,' they can secretly redirect your browser to dangerous websites without you knowing.' That means you need to be 'extra careful' with images. Because the latest attacks leverage spoofed domains and senders to trick you, it isn't as easy as just avoiding emails from unknown senders. Instead, you should delete any email with an .SVG attachment unless you're expecting it. And you should allow your browser to block external images until you're certain of their origin. Kowski says these emails will also likely be 'pushy about viewing the image right away,' and while 'your email provider's built-in security features, such as spam filtering and safe attachments, can help, they're not perfect against these newer tricks.' Jason Soroko from Sectigo goes even further, warning security teams to 'treat every inbound SVG as a potential executable,' as the surge in such attacks continues. The real threat though lies in user complacency. SVG attacks, VIPRE says, are now tussling with PDFs to become 'attackers' favorite attachments of choice.' These are only images, most users assume, and so no click-throughs, no harm. Ontinue says 'the observed targets of this campaign fall into B2B Service Providers, including the ones handling valuable Corporate Data regularly, including Financial and Employee data, Utilities, Software-as-a-Service providers that are great social engineering targets as they expect to receive a high volume of emails.' And the team warns 'this technique demonstrates how adversaries are shifting away from executable payloads and towards smuggling (HTML and now SVG) techniques. By embedding script logic into image formats and using trusted browser functions, the attack chain avoids triggering traditional behavioral or signature-based alerts.' The emails containing the attachments or links will be simple, 'using a minimal format to avoid detection and provoke curiosity or interaction.' Hijacking poorly protected domains or spoofing others with special characters enhances the lure. The advice is just as simple. If you're not expecting an email which includes image links or .SVG attachments, delete them from your inbox. 'This campaign highlights a creative pivot in attacker methodology,' the team says, 'using benign file formats to hide malicious logic and evade established detection controls.' Which is another way of saying that you're your own best defense.
National Post
15-07-2025
- Business
- National Post
KnowBe4 Delivers AI-Driven Email Security to Small and Medium Businesses to Tackle Outbound Email Risk
Article content Using advanced machine learning, neural networks and behavioral analytics, KnowBe4 Prevent mitigates outbound email data breaches Article content TAMPA BAY, Fla. — KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today announced the release of KnowBe4 Prevent across all market segments – an AI-driven email security product designed to enable organizations to manage the problem of outbound email risk. Following the release of Prevent Enterprise, Prevent is now available to suit the needs of small to medium-sized businesses. Article content In 2025, human error remains the leading cause of data breaches ( according to Verizon, 60% of incidents involve the 'human element'). The overwhelming volume of digital communications creates more opportunities for employees to expose sensitive information to the wrong recipients, attaching incorrect files, or inadvertently including confidential data. These breaches incur severe penalties, financial losses, and reputational damage, underscoring the critical need for prevention. However, traditional Data Loss Prevention (DLP) offerings rely solely on inflexible static rules and lack real visibility into what is being sent, to whom, and when. Article content To address this challenge, KnowBe4 introduces Prevent, an AI-native outbound email security product that alerts your employees in real time when they are about to send emails and attachments to the wrong person. Prevent proactively detects and stops the full spectrum of outbound email security threats, including: Article content Combined with detailed reporting and analytics, security teams are able to get a complete view of outbound security risk across the organization, behavioral analytics of users' interactions with Prevent's prompts and quantification of the prevented incidents to demonstrate efficacy and return on investment (ROI). Article content 'Outbound email risk continues to be one of the most persistent and costly challenges an organization can face – one that requires smarter, more adaptive approaches to effectively address them,' said Greg Kras, chief product officer at KnowBe4. 'KnowBe4 has a proven track record of effectively addressing Human Risk Management, so we are proud to expand that coverage to include outbound email risk. Prevent is the most intelligent and proactive outbound email security product among today's email data loss prevention methods. Unlike traditional products, it uses advanced machine learning and contextual understanding of user behavior to identify risky actions in real time and prevent a data breach before it occurs. This allows organizations to stop incidents at the source, empower employees to make safer decisions, and enable security teams to manage and reduce risk at scale.' Article content For more information on how KnowBe4 Prevent can help organizations mitigate outbound data loss over email, visit See how it helped KnowBe4 customer Publix Employee Federal Credit Union here. Article content About KnowBe4 Article content KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization's biggest asset. More at Article content Article content Article content Article content Contacts Article content Article content Article content
Yahoo
09-07-2025
- Business
- Yahoo
York technology chief warns on email security
The founder of a York IT services company says over four-fifths of city businesses have a critical gap in their email security, putting them at risk of impersonation or delivery failure. Thomas Siron of Techscend says recent changes in email handling by tech giants Google, Yahoo, and Microsoft could have serious consequences for businesses that haven't taken proactive steps to protect their domains. These providers have now implemented stringent policies requiring all domains that send emails to have properly configured DMARC (Domain-based Message Authentication, Reporting & Conformance) records. Thomas said: 'Businesses that don't have DMARC in place - or have it set up incorrectly - are playing with fire. Their emails may never even reach the recipient's spam folder, let alone their inbox. This could lead to client proposals going undelivered and email marketing efforts being wasted. Worse still, their domain could be hijacked by scammers to send fake emails that appear 100% legitimate to the average person.' DMARC is a security protocol that works with other domain records - SPF and DKIM - to prevent email spoofing - a tactic commonly used by cybercriminals to impersonate legitimate companies. Without it, hackers can forge the identity of a company's domain and send malicious emails to unsuspecting customers, partners, or staff. The warning follows recent high-profile cyberattacks involving household names, such as M&S, The Co-Op and Harrods. Techsend says these incidents highlight the devastating consequences of cyber threats and the urgent need for businesses of all sizes to tighten their security. Siron explaine: 'A lot of business owners think that because they're using Microsoft 365, Google Workspace or email services provided by their website, they're automatically protected. 'But unless DMARC, SPF, and DKIM are correctly configured for your domain, your outbound emails could be held back by recipient servers - or worse, used by fraudsters to carry out scams in your name.' Emma Hollinrake, from Phishing Tackle, the preferred partner for security awareness training with Aviva, added: 'Cyber insurance needs - and claims - are increasing year on year, in line with the increase of cyber risks to organisations of all sizes. One thing is certain; - now, more than ever before, education and awareness for employees is absolutely critical across all areas of risk.' Techscend is urging businesses to conduct a domain health check immediately and has launched a free email security audit service to help identify gaps in protection. Businesses can sign up for a free domain health check at Siron concluded: 'In a digital world, your email domain is your identity. If you don't lock it down, someone else will use it - and the fallout can be catastrophic.'
Forbes
07-07-2025
- Forbes
2.5 Billion Email Users Urged To Change Password — Act Now
Chnage your passwrod now as email attacks continue. What if I were to tell you that hackers are coming for your email account password? You probably wouldn't be that surprised; it's a valuable criminal commodity, after all. But what if a well-respected threat response unit told you that those attacks targeting user credentials and authentication mechanisms now accounted for nearly 60% of identity-based attacks in 2025? Or that email account compromise cases have spiked by more than 60% year-on-year? Are you listening now? Good, because major email platfiorms Gmail and Outlook, who between them account for more than 2.5 billion active users, want you to change your password, and do so now. Here's what you need to know and do. Change Your Email Account Password Now As Attacks Surge A July 7 identity threat report from the eSentire Threat Response Unit has confirmed what most of us in the broader cybersecurity industry, as well as most of you, I suspect, already knew: email accounts are under attack. And how. 'TRU's threat data presents a stark reality,' the report's introduction said, 'identity-driven threats have increased by 156% between 2023 and 2025, now representing 59% of all confirmed threat cases during Q1 2025.' This surge is being driven by Cybercrime-as-a-Service, and more precisely Phishing-as-a-Service, offerings that attackers can hire for as little as $200 per month. No wonder, then, that email compromise has increased by 60%, and more than 40% of all attacks this year so far have involved account takeover or compromise, according to eSentire's analysis. Your password is no longer good enough, dear reader, to protect you and your email account from the onslaught of increasingly sophisticated and devastating hack attacks. Which is why both Google and Microsoft have been urging all users to adopt the far more secure passkey alternative for some months now. Passkeys are effortless to create and use, automatically generated with no room for human error and nothing to remember. They are also strong by default, phishing and social-engineering resistant, and totally private. A passkey private key never leaves your device. The question here shouldn't be why you need to replace your email passwords with passkeys, but why haven't you already done so? So, what are you waiting for?
