Pagoda Blog

Can Your Employees Detect These Top 3 Email Threats?

February 15, 2024

When your employees’ check their inbox, do they know how to spot a malicious message or sender? Having an informed workforce when it comes to cybersecurity threats is your best defense against a data breach. Below we share the top three email threats that are hardest to detect because generating awareness of these threats is the first step in preventing an attack. 

 (A shout out to SmarterMSP for highlighting these top threats in a recent blog post.) 

1. Business email compromise 

This type of threat occurs when a bad actor impersonates an employee of the business or someone connected to the organization. They impersonate the known (and trusted) individual with the intent to extract something of value, like money, account credentials or personal information that can be used to hack into an account. 


This type of email is hard to detect because the sender will appear to be a recognized email address like someone in your contacts. It may also come from the personal email address of a business colleague — an address that you may not have but if the name looks correct, then you’re more likely to still trust the message. Clever cybercriminals will also include a note that the message was sent from a mobile device, removing the suspicions that typically arise when a message contains typos.   


2. Conversation hijacking 

If a bad actor gains access to someone’s business email account, they may join an active email thread using the hijacked email address. Conversation hijacking works like this: The bad actor typically hacks into the business email account (an important reminder why it is essential to use strong, unique passwords and implement MFA) and then downloads archived messages. They may not maintain access to the email account for long so downloading the messages is key. They then look through these messages for a thread that includes multiple parties and restart the thread by sending a message from a look-alike domain. A look-alike domain will have a slight variation from the legitimate address, but if the recipient is distracted or hasn’t been trained to look for these clues, they may overlook it and fall prey to a phishing attack


3. Brand impersonation

Your brand may be impersonated by a bad actor either directly or indirectly. Direct brand impersonation or ‘brand hijacking’ is when a cybercriminal uses a spoofed domain to impersonate a legitimate company. Indirect brand impersonation or ‘service impersonation’ is when a cybercriminal impersonates a well-known third-party application to convince users to enter their login credentials or other sensitive information. 


These emails are tricky because we’ve grown accustomed to periodically receiving similar legitimate requests from these applications. The request may ask app users to click a link or enter sensitive information in order to reset a password, accept new service term agreements, confirm your identity, or activate your email address. 


Training is key to mitigate cybersecurity threats  

The only way to prepare your employees for these email threats and mitigate the threat of an attack is through regular, ongoing training. Cybersecurity trainings like KnowBe4 provide real-life examples and undercover tests right in your employee's inboxes. These interactive trainings help create a culture of cybersecurity across your organization, helping employees stay alert and adopt a prevention-first mindset. The more you can encourage and empower employees to take an active role in your cybersecurity strategy, the better equipped your business will be to avoid an attack. 


Feature photo by Brooke Cagle on Unsplash

Want to get more posts like these in your inbox? Sign up for the Pagoda newsletter and we’ll send you the occasional email with content that will sharpen your technical skills, from cybersecurity to digital marketing


Did you know we also have a weekly LinkedIn newsletter? Make sure to subscribe for weekly actionable IT advice and tech tips to set your business up for success.




About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at to schedule a complimentary IT consultation.

Return to Pagoda Blog Main Page

As your trusted IT service partner, Pagoda Technologies is here to help you achieve your near and long-term business goals through reliable and affordable IT support. 

Pagoda Technologies

101 Cooper Street

Santa Cruz, CA 95060


Contact us for a free IT consultation



Get in touch 

Join our newsletter

Want IT to serve you better? 




Follow Us

Facebook LinkedIn LinkedIn