IRONSCALES

We're proud to sponsor the SecureIT Summit taking place on June 22-24, in Tampa, Florida, and we want you there too! This exclusive, all-inclusive event is built for MSPs and includes flights, hotel, meals, networking, and expert-led sessions. Plus is all wraps up with a private yacht party on Tampa Bay! Interested in attending? Request your spot here: https://t.co/3WkmKQX97Y #MSP #MSPcommunity #emailsecurity #proudsponsor #infosec

Five phishing attacks from our threat research team. Every one was built for a specific person at a specific company before it left the attacker's infrastructure. A PDF auto-launched a credential harvest page on open. No click required. A QR code had the target's email pre-encoded in base64. A typosquat domain sat in the CC field of a live invoice thread while the From address passed SPF, DKIM, and DMARC. Our Adaptive AI caught all five on behavioral signals the gateways never checked. What's your team watching for beyond authentication? https://t.co/XEgzW6hx3E #EmailSecurity #IRONSCALES #Phishing #ThreatIntelligence #BEC

Canadian organizations in regulated industries have been stuck in a bind: strong email security or data residency compliance. We launched a dedicated Canadian data center to eliminate that choice. All user data stays within Canada. PIPEDA, PHIPA, and Law 25 requirements met without compromising protection. For security leaders in Canada, this means faster procurement cycles, cleaner compliance documentation, and the ability to focus on security outcomes instead of navigating data sovereignty paperwork. #DataSovereignty #EmailSecurity #CanadianCompliance #PIPEDA #CyberSecurity

88% of organizations have been breached by trust-exploiting attacks. 60% lack confidence in their ability to counter deepfakes. And 55% say a failed response to a trust-based attack increases breach likelihood. Those numbers come from the latest Osterman Research report, commissioned by IRONSCALES, surveying enterprise security leaders on the trust crisis in digital communications. One stat worth sitting with: 82% see heightened threat actor interest in their industry. Security teams aren't just worried about phishing. They're watching trust itself erode across every communication channel. Full report available. Link in comments. #Deepfake #CyberSecurity #TrustInCommunications #EmailSecurity #Research

Every week, our threat research team publishes a real phishing attack that landed in a real inbox, with the full breakdown of how it got there. Not theoretical attacks. Not lab simulations. Actual emails that bypassed actual security tools. We call it Attack of the Day. Each post covers the sender infrastructure, the evasion technique, the social engineering angle, and what the filters missed. If you're not following the series yet, the archive is growing fast. Link in comments. #ThreatIntelligence #EmailSecurity #Phishing #CyberSecurity #AttackOfTheDay

The CIO for the City of Memphis, Augustine Boateng, said it directly: "IRONSCALES has cut the number of analyst hours down by 95%." For a city government managing thousands of endpoints with a lean security team, that's the difference between staying reactive and actually getting ahead of threats. Automated remediation handled the volume. Their team focused on the incidents that actually needed a human. #SOCAutomation #EmailSecurity #CyberSecurity #GovTech #PhishingProtection

Encrypting a sensitive email shouldn't require your recipient to create an account, set a password, or call your help desk for a reset. Today, we're launching IRONSCALES Email Encryption: outbound protection built into the platform you already use for inbound. Here's what's in our Elective Email Encryption: • Senders encrypt by clicking "Secure Send" in the Outlook add-in or dropping a [secure] keyword in the subject line • A simplistic one-time password (OTP) experience with no downstream friction • AES-256 in transit and at rest — HIPAA, GDPR, FERPA, PCI DSS, SEC ready Outbound protection now sits in the same platform you use for inbound. One platform for all of your email security needs. Learn more: https://t.co/AXKfb4b9Ju #EmailSecurity #Encryption #Compliance #Cybersecurity #MSP

CyberScope protects organizations across EMEA, the U.S., and South America. Their MDR team was drowning in account takeover and BEC campaigns leveraging compromised internal accounts, the kind of attacks that traditional filters don't see. Since deploying IRONSCALES: - Manual phishing classification workload dropped to near zero - 34 SOC analyst hours saved in 90 days - Incident containment measured in minutes, not hours "IRONSCALES is one of the few that actually does what it says. It works, and it keeps working." That's Javier Fernandez, MDR Lead at CyberScope. Full case study linked in comments. #EmailSecurity #ManagedSecurity #BEC #SOCAutomation #CyberSecurity

A DocuSign phishing email this week used Google Maps as a redirect proxy. The flow: victim clicks a http://maps/google.be link, which bounces them to an Amazon S3-hosted credential harvesting page. The sender came from a compromised Japanese hosting account. SPF passed. DKIM passed. The email looked legitimate to filters and to the person receiving it. Our threat research team dissected the full attack chain. If you run email security for your org, this one is worth five minutes. Link in comments. #Phishing #ThreatIntelligence #EmailSecurity #CyberSecurity #BEC

The Winter '26 release shipped three agents that change how email security works at the operational level. One anticipates attacks by researching your org the way an attacker would. One investigates threats with L2-level forensics in minutes. One trains your employees using real reconnaissance, not recycled templates. Agentic AI is a phrase that gets tossed around a lot right now. Here's what it actually looks like when applied to email security. Full release breakdown from Audian Paxson. Link in comments. #EmailSecurity #AI #PhishingProtection #CyberSecurity #Automation #Agents

Five attacks landed in inboxes last week that looked, on paper, like they should have failed. Broken encoding. Mismatched sender domains. Template variables left in the subject line. They worked anyway. Audian Paxson breaks down what made each one effective in the latest Best of the Worst roundup. The common thread: attackers are betting that your filters will dismiss sloppy formatting as benign. And they're right more often than they should be. Worth a read if you're responsible for email security policy. Link in comments. #EmailSecurity #PhishingProtection #ThreatIntelligence #CyberSecurity #InfoSec

"IRONSCALES is one of the few that actually does what it says — it works, and it keeps working." That's Javier Fernández, MDR Lead at CyberScope, a managed security provider protecting organizations across EMEA, the U.S., and South America. Their challenge? Account takeover and BEC campaigns were leveraging compromised internal accounts — the kind of attacks that slip right past traditional filters and legacy email security. Since deploying IRONSCALES, CyberScope has seen: → Manual phishing classification workload reduced to almost zero → 34 SOC analyst hours saved in just 90 days → Incident containment in minutes through trained user reports and automated response "Phishing was a major resource drain. We've since streamlined our process to handle high-value threats, significantly reducing manual effort spent on each email." — Javier Fernández What started in 2019 with security awareness training has grown into a full protection suite — native API integration, automated remediation, ATO and BEC defense — all without changing MX records. When your email security platform actually delivers, the results speak for themselves. Read the full case study — link in comments. #EmailSecurity #PhishingProtection #BEC #ManagedSecurity #CyberSecurity #IRONSCALES

AI hasn’t just evolved cyberattacks, it has reset the threat curve entirely. New research shows that even “solved” problems like phishing and business email compromise (BEC) are immature and dangerous again, with attackers using AI and autonomous agents to launch hyper-personalized, multi-channel attacks at scale. IRONSCALES CEO and Founder Eyal Benishti explores what email security means for security leaders, and why defending organizations now requires a fundamentally new approach. Listen to the full interview: https://t.co/If29UAXTAj #BEC #emailsecurity #phishing #cybersecurity #AI #infosec #RSAC #agents