It’s a little-known fact that before emails reach your inbox, they pass through a buffer designed to scan and block malicious content. However, over time, email providers—especially Gmail—have shifted their focus to just adding “warning labels” to those with suspicious links or attachments. This approach, best described as “beating around the bush” hasn’t reduced threats much at all. Shockingly, 91% of all cyberattacks still originate from emails. So, what gives?
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
First, let’s look at how bad things currently are.
In an earlier Security Bite, I discussed a study by web browser security startup SquareX that revealed just how little companies are doing to block malicious attachments and protect users.
The team of researchers took several different types of malware samples, attached them to emails, and sent them through Proton Mail to addresses on iCloud Mail, Gmail, Outlook, Yahoo! Mail, and AOL, part of the Yahoo! group. Notably, if the emails were delivered successfully to the users, they might be vulnerable to any potential threat contained within those attachments.
The table below summarizes the results of sending 7 of the 100 malicious samples to the various email providers, indicating whether the malicious attachment was delivered. “If an email was undelivered, it is a sign that malware was detected when the email was being processed by the server,” according to the study from SquareX.
Table showing what malware samples passed which email provider’s scanners and were delivered successfully.
Image: SquareX
The dilemma
Investing in robust email security features may seem like the obvious critical part of protecting users. However, Ian Thornton-Trump, CISO with threat intelligence solutions firm Cyjax, told Forbes“this is akin to asking the free Wi-Fi at a Starbucks why are they not blocking more or all cyber attacks.” He further explained that it’s tough to balance free and secure in the same sentence.
Thornton-Trump argues that adding advanced email security features “can be deeply problematic with false positives, which may involve the use of technical support resources to help or fix—that expense across millions of users on a free platform may be commercially untenable.”
Moreover, others argue that email providers are dragging their feet on something that could cost substantial resources and impact their bottom line. While not specifically framed as for blocking spam, iOS 18, iPadOS 18, and macOS 15 offer better categorization and summaries of emails, thanks to Apple Intelligence, making it easier to reduce clutter and identify what’s important.
I’ll be interested to see if Apple ever integrates any other AI security features into the Mail app. Using Apple Intelligence to better warn users or outright remove malicious attachments and URLs from emails in real-time could be killer.
I’m curious to hear your thoughts. Please tell me you are not still using AOL…
About Security Bite: Security Bite is a weekly security-focused column on 9to5Mac. Every week, Arin Waichulis delivers insights on data privacy, uncovers vulnerabilities, or sheds light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices to help you still safe.
FTC: We use income earning auto affiliate links. More.
GIPHY App Key not set. Please check settings