Email-borne cyber threats remain one of the most prevalent avenues for threat actors to target organizations and are thus a major headache for companies. A new report from Cyren and Osterman Research found that companies are spending an average of 3,850 hours per year responding to compromises caused by email-borne attacks. The most common breach vector the study found was compromised Office 365 login credentials. Email-based account compromise can lead to financial scams, business email compromise (BEC), and the deployment of ransomware. Furthermore, Osterman Research’s survey found that the number of breaches caused by email-based threats has increased compared to their previous survey in 2019. The study demonstrates that despite increasing email security tools and employee awareness training, threat actors are still able to employ social engineering messages to fool victims and compromise organizations. To defend against this activity, it is still important for organizations conduct regular end user awareness training and implement technical controls such as multifactor authentication (MFA). Read more at Venturebeat.