Enterprises face 3,680 potential phishing emails each week

GreatHorn analyzed more than 3.5 terabytes of data – over 373 million corporate emails – to gain insights into the sheer volume of email threats facing enterprises and the role of automated tools in helping them keep up with that challenge.

potential phishing emails

Researchers found that the average enterprise receives 3,680 messages containing threat characteristics that require review, investigation and (if applicable) remediation per week. Without automated tools, the company estimates that task would take a security team roughly 305 hours to complete.

GreatHorn analyzed anonymized information from its data cloud and found that 0.016% of all corporate emails contained threat characteristics. Combine this statistic alongside a few more facts: the average Fortune 500 company has 50,000 employees, each receiving roughly 460 emails per week which equates to more than 23 million communications generated.

This data was used to create a risk profile and identify the types of attacks cyber criminals utilize as well as the volume. Given this environment, Fortune 500 companies can expect to experience 1,380 direct spoof attacks, 460 display name spoofs, 560 emails with “W2” or “Wire Transfer” included, 230 domain lookalikes and 1,150 authentication risks on a weekly basis.

While all of these emails aren’t necessarily malicious, they do have traits that require an IT analyst’s attention for approximately five minutes; furthermore, if an email is malicious, the amount of time required to investigate and remediate the threat could be much higher.

“Our research shows that it is impossible for security teams to detect, analyze and respond to every suspicious email their organization receives,” said GreatHorn CEO Kevin O’Brien. “Without the ability to hire qualified cybersecurity expertise, automation must become a bigger part of the equation to help enterprises stay ahead of cybercriminals. Automation reduces the workload on IT and security teams by programmatically identifying and addressing threats based on preset policies.”