Email Security Results
Prioritized findings, safe next steps, and a report you can forward internally.
This shared view is read-only.
Overall score
Grade: C+
Authentication
75
Threat filtering
65
Inbox exposure
65
Placement progress
7/8
Placement review
The buttons below are mutually exclusive for where the message landed. Protection checkboxes apply only when the message reached the inbox.
Social Engineering
[EPT_15] New Voicemail Message
Email Pen Test • Pending • Pending
InboxWarning banner
[EPT_15] New Voicemail Message
Email Pen Test • Pending • Pending
Case key: 15
Content Analysis
Links
[EPT_IW] Secure Document Access
Email Pen Test • Pending • Pending
InboxURL protection
[EPT_IW] Secure Document Access
Email Pen Test • Pending • Pending
Case key: IW
Social Engineering
[EPT_CU] Security Alert
Email Pen Test • Pending • Pending
Spam
[EPT_CU] Security Alert
Email Pen Test • Pending • Pending
Case key: CU
Social Engineering
[EPT_D2] Remote Access Session Request
Email Pen Test • Pending • Pending
Spam
[EPT_D2] Remote Access Session Request
Email Pen Test • Pending • Pending
Case key: D2
Content Analysis
Attachments
[EPT_A3] Meeting Follow-Up
Email Pen Test • Pending • Pending
Inbox
[EPT_A3] Meeting Follow-Up
Email Pen Test • Pending • Pending
Case key: A3
Content Analysis
[EPT_9I] Important Update
Email Pen Test • Pending • Pending
Spam
[EPT_9I] Important Update
Email Pen Test • Pending • Pending
Case key: 9I
Attachment Policy
Attachments
[EPT_C5] Document Review Required
Email Pen Test • Pending • Pending
SpamAttachment protection
[EPT_C5] Document Review Required
Email Pen Test • Pending • Pending
Case key: C5
Social Engineering
[EPT_6U] Display Name Verification Test
Email Pen Test • Pending • Pending
Pending
[EPT_6U] Display Name Verification Test
Email Pen Test • Pending • Pending
Case key: 6U
Prioritized gaps
Social Engineering Emails Reaching Inbox
highSeveral social engineering test emails (voicemail spoofing, display name spoofing) successfully reached user inboxes. These patterns are commonly used in phishing attacks.
Link-Wrapping Service Abuse Not Detected
highEmails using trusted link-wrapping services to hide destinations bypassed filtering. Attackers often use these services to evade URL analysis.
Visual Spam Evasion Techniques Working
mediumEmails using visual obfuscation (hidden text, tiny fonts, wide spacing) bypassed content filters. These techniques are used to evade text-based detection.
HTML Attachments Not Quarantined
mediumHTML attachments with embedded scripts reached users. HTML smuggling is a common attack vector for delivering malicious payloads.
Fix this week
- Enable display name spoofing detection and sender verification
- Configure link-wrapping service detection and URL analysis
- Review and strengthen HTML attachment policies
Measure next
- Monitor social engineering email patterns reaching inboxes
- Track link-wrapping service usage in suspicious emails
- Review visual spam evasion detection effectiveness