Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3


May 24, 2024 | Daniel Blank

3 Rising Email Threats MSPs Need to Know

MSPs should familiarize themselves with these lesser-known email attack methods on the rise in 2024.

Email is the most widely used communication channel across the corporate landscape. Unfortunately, email threats also are among the most dangerous from a cybersecurity standpoint.

Because of its ongoing widespread usage, cybercriminals focus their efforts on email exploits that lure unsuspecting users into succumbing to their schemes.

Organizations that know cybercriminals lean heavily on email campaigns for their attacks are turning to MSPs to help them thwart email threats and keep their operations safeguarded. However, cybercriminals always adapt, constantly devising new ways of exploiting unsuspecting organizations for a huge payday.

To ensure customers are protected from every possible angle, MSPs should familiarize themselves with three lesser-known email attack methods on the rise in 2024 and provide their customers with the right defense.

Phishing with AI

Email threats were more recognizable in the past. Cybercriminals put little effort into crafting convincing text, making it easy for employees to dismiss attempts as spam.

But thanks to the debut of generative AI, threat actors can now easily create compelling emails that mimic human-written text, making it more difficult for employees to notice social engineering tricks.

These tactics extend beyond written text; using AI tools, threat actors can create realistic audio and visuals to persuade targets into giving out personal information, work credentials, or opening files with malicious software like ransomware. With the affordable and accessible technology, expect cybercriminals to lean on GenAI in the coming year.

Daniel Blank of Hornetsecurity offers advice to protect MSPs' clients from email attacks.

Daniel Blank

To reduce the likelihood of a successful phishing attack, MSPs should provide organizations with an automated service that offers ongoing employee training on spotting unusual activity. Additionally, they can help organizations define a strategy for informing IT support of any suspicious behavior to quickly take mitigation steps.

MFA Bypass

Threat actors previously had enormous success gaining access to corporate accounts through simple password strings or stored passwords that employees failed to secure. But the vulnerability of traditional passwords prompted the corporate world to adopt multi-factor authentication (MFA) as a secondary security measure.

MFA makes it harder to gain access, however, determined cybercriminals can still bypass these measures. Social engineering can persuade unsuspecting users into sharing authentication codes. MFA bypass kits and reverse-proxy-style attacks also help cybercriminals gain access, allowing them to create fake login screens that employees use to authenticate cloud services.

MSPs should ensure their clients are aware of MFA bypass attacks. Advocate for continued security awareness training and the implementation of a trusted email security solution to reduce the likelihood of a social engineering attempt.

QR Codes

Businesses often post QR codes in public spaces like stores or restaurants, allowing users to pull up a link to a website using the camera on their mobile device. It’s a convenient way to get to important information, which is why QR codes now can access some business applications.

QR codes have risen in popularity with threat actors since society has inadvertently trained people to readily scan them in a post-pandemic world. Naturally, cybercriminals have capitalized on this trend by using QR codes in emails to trick employees into browsing malicious websites to either gather information (like credit card details) or to harvest login credentials.

Because QR codes are relatively simple to create, threat actors can create them using malicious links or software (like ransomware) to permeate IT systems. What’s worse, most email scanning tools cannot analyze the links within these codes.

MSPs should act as trusted advisors to their customers by providing a solution that scans QR codes. This process can be done before the offending QR code hits an end user’s inbox, so that employees aren’t even allowed to scan it.

Cybercriminals will shift their attack strategies to take advantage of organizations that do not keep their security posture in line. MSPs must stay up to date on the latest developments and use the right solutions to protect their customers, as well as offer proper guidance on best practices to mitigate cyber risk. With the right measures in place, they can defend their customers against attack vectors that bypass cybersecurity software.

Daniel Blank is COO of Hornetsecurity. He has over 15 years of experience selling complex IT products, and 15-plus years of various managerial positions in the cloud security environment.

Image: iStock

Editor’s Choice

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

Asigra Makes a Splash with New SaaS App Data Backup Platform

June 3, 2024 |

Asigra’s new SaaSAssure platform offers MSPs comprehensive, secure, and easy-to-use backup solutions for SaaS apps, addressing a critical market need and providing an unparalleled opportunity for revenue.

Peer to Peer: John Kampas on Why EMPIST Thrives — Plus, 1 Mistake Too Many MSPs Make

May 31, 2024 | John Kampas

How prioritizing customer protection and technological empowerment helped EMPIST evolve into a “managed technology provider” with an international presence.

MSPs React to Comprehensive, Aggressively Priced Kaseya 365

May 1, 2024 |

Hear from MSP peers on the launch of the new Kaseya 365 program — designed to provide a crucial package of tech services at an affordable monthly price.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience