Security Bite: Why Email Security Is Still So Bad

It’s a little-known fact that before emails reach your inbox, they pass through a buffer designed to scan and block malicious content. Over time, however, email providers, especially Gmail, have shifted their focus to simply adding “warning labels” to emails with suspicious links or attachments. This approach, which is best described as “beating around the bush,” hasn’t done much to mitigate the threats at all. Amazingly, 91% of all cyberattacks still come from email. So what’s going on?

9to5Mac Security Bite is brought to you exclusively by Mosyle, Apple’s only unified platform. Everything we do is about ensuring Apple devices are ready to work and secure for enterprises. Our unique, end-to-end approach to management and security combines Apple’s most advanced security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and advanced Apple MDM on the market. The result is a fully automated, unified Apple platform that is currently trusted by over 45,000 organizations to provision millions of Apple devices effortlessly and affordably. Request an Extended Trial today and find out why Mosyle is all you need for your Apple experience.

First, let's look at how bad things are right now.

In a previous Security Bite, I discussed research from browser security startup SquareX that showed how little companies are doing to block malicious attachments and protect users.

The team of researchers took several different types of malware samples, attached them to emails, and sent them via Proton Mail to addresses in iCloud Mail, Gmail, Outlook, Yahoo! Mail, and AOL, all part of the Yahoo! group. Notably, if the emails were successfully delivered to users, they could be vulnerable to any potential threat contained in those attachments.

The table below summarizes the results of sending 7 out of 100 malware samples to different email providers, indicating whether the malicious attachment was delivered. “If the email was not delivered, this is an indication that the malware was detected during processing by the server,” according to the SquareX study.

A table showing which malware samples passed which email provider’s scanners and were successfully delivered.
Image: SquareX

The Dilemma

Investing in robust email security features may seem like an obvious, critical part of protecting users. However, Ian Thornton-Trump, chief information security officer at threat intelligence company Cyjax, told Forbes, “It’s like asking free Wi-Fi at Starbucks why they don’t block more or all cyberattacks.” He also explained that it’s difficult to balance free and secure in the same sentence.

Thornton-Trump argues that adding advanced email security features “can be extremely problematic due to false positives, which can involve using technical support resources to help or fix — an expense that may not be commercially viable across millions of users on a free platform.”

Best comment from Shane

I don’t think it’s fair to say “oh, it’s paid, what do you expect”. There needs to be meaningful legislation forcing them to do more… when we’re talking about billions of dollars lost to fraud, phishing, viruses, ransomware, etc… we need to tell ourselves that not only can providers do more, they SHOULD. They can afford to do more. They need to be held accountable.

Moreover, others have argued that email providers are dragging their feet on something that could cost significant resources and impact their profits. While not specifically designed to block spam, iOS 18, iPadOS 18, and macOS 15 offer better categorization and summaries of emails thanks to Apple Intelligence, making it easier to cut through the clutter and figure out what’s important.

I’ll be interested to see if Apple ever integrates any other AI security features into the Mail app. Using Apple Intelligence to better warn users or outright remove malicious attachments and URLs from emails in real time can be deadly.

I'd love to hear your thoughts. Please tell me you're not still on AOL…

About Security Bite: Security Bite is a weekly security column on 9to5Mac. Each week, Arin Waichulis shares data privacy insights, exposes vulnerabilities, or sheds light on emerging threats across Apple's vast ecosystem of over 2 billion active devices to help you stay secure.
