Email Security Blog

Why Applying the Laws of Probability to Email Security Isn’t Worth the Risk

How often do you use the laws of probability to avoid doing something? Chances are you do it more often than you think. Consider these scenarios:

  • You didn’t lock up the house because you’re only going to be gone for an hour. Chances are nobody will break in.
  • You caught the tail-end of that yellow light at the intersection. Chances are you won’t get hit.
  • You didn’t add travel insurance to your trip. Chances are your vacation will go ahead as planned.
  • You’ve been meaning to have that tree removed. Chances are the storm won’t be that bad.
  • You haven’t updated your will in ages. Chances are you have plenty of time.

On most days, these scenarios don’t come back to bite you. However, it’s hard not to cringe every time you hear about someone getting hit hard when they were unprepared. The most maddening part of any disaster is when taking the safe route would have been easy.

Let’s apply the same laws of probability to email security. It’s not like every company becomes a victim of email phishing, right? Cybercrime in the U.S. totaled $3.5 billion in 2019 and the figures for 2020 promise to be even more disastrous.1 When broken down by type of cybercrime, there were more phishing attack victims that any other.1 If you’re still not convinced of the severity of the issue email phishing presents, here are a few more alarming statistics:2

  • The average cost of an email phishing attack to a mid-sized company is $1.6 million.
  • Phishing is the leading cause of data breaches, accounting for 90% of them.
  • Nearly 1.5 million phishing sites are created each month.
  • 76% of businesses reported being a victim of a phishing attack in 2018.
  • 95% of attacks on business networks are the result of a successful spear phishing attack.
  • 92% of malware is delivered via phishing email.
  • Phishing emails are responsible for 94% of ransomware attacks.

So, why are companies slow to install the email security and phishing protection they need to prevent costly cybercrime attacks? For many, it all goes back to the Laws of Probability. CEOs and IT managers commonly report, “We’ve been safe so far, ” or “Our current email security keeps us 90% safe”. Well, those are dangerous words.

If you have a secure email gateways (SEGs) such as Microsoft, Google, Proofpoint, or Mimecast, they do have phishing detection baked into their platforms. However, they only block about 90% of the dangerous phishing email attempts they are designed to stop. The other 10% swim right by. More alarming is the fact that the 10% of email phishing attempts getting through SEGs are often the most sophisticated and treacherous phish in the sea. Why else do you think they weren’t caught by the SEGs in the first place?

There is a way to avoid the heavy consequences that come with being the victim of a phishing scam. INKY sits downstream from the SEGs, which is how she sees what they miss. INKY also detects things the SEGs can’t, making INKY a powerful force in the fight against email phishing. Using computer vision, artificial intelligence, and machine learning, INKY provides a level of ingenuity that is unlike other email security platforms. That’s because INKY sees things the way humans do — recognizing logos, brand colors, email signatures and more — but she also sees the millions of things humans can’t, spotting imposters by as little as a pixel. The combination of viewing things like a machine and a human gives INKY an edge the other email security platforms lack. INKY is able to detect zero-day attacks.

Living by the Laws of Probability — taking a gamble that you won’t suffer a costly phishing attack — is just not sound business. You wouldn’t install office smoke detectors that worked 9 out of 10 times or have company trucks with brakes that functioned on 90% of the hills. So, don’t settle for catching 90% of the emailing phishing threats that come into your business.

To truly have a handle on phishing threats, you need a solution designed specifically to catch phishing emails. INKY offers a relentlessly effective level of security, capable of detecting and stopping the most sophisticated phishing threats and similar types of cybercrime. Even on your mobile devices. Before the Laws of Probability turn into Murphy’s Law, get INKY. Ask for a free demonstration today.

----------------------

INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.

1Source: https://pdf.ic3.gov/2019_IC3Report.pdf

2Source: https://hostingtribunal.com/blog/phishing-statistics/