Phishing emails are an increasing threat to businesses. Beginning as a simple spam message, phishing can quickly snowball into a serious data breach incident.

This is why email security is so important.

Phishing is a low-risk/high-reward cyber crime method, and it only takes a single person opening a phishing email for a business to face damaging consequences.

Simply put, if successfully ‘phished’, your business could be at risk of the following:“91% of cyber attacks begin with a spear phishing email.”

Malware or ransomware infection

Cyber criminals can either infect your business with malware, or ransom your business for access to its own data.

Stolen information

Significant risk of a data breach, and therefore GDPR fines.

Identity fraud

Cyber criminals can use your business’s identity to infect customers’ systems, damaging trust.

With this in mind, it can also be a traumatic time for the individual responsible.

Let’s examine the five stages of grief following the opening of a phishing email:

1) Denial of a data breach

“I didn’t even click any links or open any attachments” – The realisation that you may have just caused a data breach for your business can be hard to accept.

This is understandable. It takes approximately 191 days to identify a data breach, and the damage caused in that time could be significant – especially with the potential GDPR penalties that may follow.

There is also a negative association with businesses that suffer breaches, potentially leading to reputational damage. If a business cannot look after its own data, why would anybody else trust them with theirs?

Therefore, some tend to avoid disclosing the truth during the stage of denial.

The refusal to accept culpability is a way of coping with the burden of responsibility and the fear of reprisal. However, this soon makes away for anger.

2) Anger over a data breach

“Why did that email even get through to me?!”Quick to assign blame, individuals and businesses may question how the breach even happened and look to those around them.

This is when the gravity of the situation hits, and panic sets in – how did it happen and whose fault was it? You may find yourself asking the following questions:

  • Should your IT department have intercepted the email?
  • Should I have paid more attention?
  • Or, if the email came from an infected business in your supply chain, should they be blamed?

And with phishing attacks taking approximately 20 days to resolve at a cost of around £960,000, frustration is an understandable, if undesirable response.

The anger eventually subsides, and moves beyond into…

3) Bargaining

“Okay, I won’t do it again. I’ll sort it. Somehow. Please just fix it” – The stage in which the signs of acceptance surface, but with regret and desperation.

Typically, individuals seek the path of least resistance and hope that the consequences can be avoided if swift action is taken.

Any opportunity for a return to business as usual will be sought. This may include a host of rash purchasing decisions in the hope that they will shore up an attack that has already happened.

This is where ransomware makes its money – cyber criminals prey on the desperation of an individual or business that needs stability and is willing to pay for it.

4) Depression

“I can’t believe it. I was so busy, I just didn’t realise… It’s completely my fault, but…” Closely followed is depression – a feeling of powerlessness as a result of the cyber attack. This may result in an admission of guilt, and with this, the financial and reputational damages begin to hit.

The ICO (Information Commissioner’s Office) may investigate if any personal data has been leaked, and businesses you work with may begin to question your relationships. Compensation could therefore be required, and an objective assessment of what went wrong.

However, a reluctant admittance is an important step on the way to acceptance.

5) Acceptance

“Okay. So, what tangible steps can I take to prevent it happening again?” The final step of acceptance is inevitable, particularly because GDPR demands disclosure of incidents. It’s simply a case of how long a business takes to come to this step, rather than if.

Disclosure should be given as soon as possible, once the facts have been established. It not only minimises the impact on customers and users but demonstrates a willingness to cooperate.

As for solutions, if your business was breached as a result of a phishing attack then it’s essential that both email security and IT awareness training are reviewed.

Better safe than sorry – Why Neuways recommends email security

Ultimately, we don’t want you to go through the five stages of grief – it’s lengthy, costly, and damaging.

Successful cyber attacks can ruin businesses, particularly SMEs that may not have the financial backing to recover, and attacks via email are the most dangerous threat to your cyber security.

We understand that email security can sometimes be overly sensitive and filter out genuine emails. This is an inconvenience, but it can be resolved with a few simple tweaks to your settings*. Email security is designed like this to protect you in the long run by filtering out malicious emails.

And with phishing attacks costing medium-sized businesses £1.25m on average, these minor inconveniences are incomparable to the level of security on offer.

If you would like to speak to us about email security, whether it’s fine-tuning your settings or discussing a new solution, you can contact us at or 01283 753344.

* If this is happening to you, speak to your IT team or MSP.