--- title: "Phishing Prevention: Email Providers Aren’t Helping Any | Phish Protection" description: "How many employees have to get phished before they take action? How much ransomware has to be paid before they take action?" image: "https://phishprotection.com/og/blog/phishing-prevention-email-providers-arent-helping-any.png" canonical: "https://phishprotection.com/blog/phishing-prevention-email-providers-arent-helping-any/" --- Quick Answer \[Research\](https://www.eurekalert.org/pub\_releases/2019-07/uop-tcn072919.php) conducted by academics at Plymouth's Centre for Security, Communications and Network (CSCAN) discovered that up to 75% of "the potential phishing messages made it into inboxes and were not in any way labelled to highlight them as spam or suspicious. Moreover, only 6% of messages were explicitly labelled as malicious." Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fphishing-prevention-email-providers-arent-helping-any%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Phishing%20Prevention%3A%20Email%20Providers%20Aren%26%238217%3Bt%20Helping%20Any&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fphishing-prevention-email-providers-arent-helping-any%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fphishing-prevention-email-providers-arent-helping-any%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fphishing-prevention-email-providers-arent-helping-any%2F&title=Phishing%20Prevention%3A%20Email%20Providers%20Aren%26%238217%3Bt%20Helping%20Any "Share on Reddit") [ ](mailto:?subject=Phishing%20Prevention%3A%20Email%20Providers%20Aren%26%238217%3Bt%20Helping%20Any&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fphishing-prevention-email-providers-arent-helping-any%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/08/ceo-fraud-7002.jpg) _How many employees have to get phished before they take action?_ How much ransomware has to be paid before they take action? How many personal records have to be stolen before they take action? What will it take for [email security service](https://www.duocircle.com/) providers to install [phishing protection](https://www.duocircle.com/email/phishing-protection) technology and protect their customers? Apparently they haven’t hit the limit yet because the one thing we know for sure is that they aren’t doing a very good job of it. [Research](https://www.eurekalert.org/pub%5Freleases/2019-07/uop-tcn072919.php) conducted by academics at Plymouth’s Centre for Security, Communications and Network (CSCAN) discovered that up to 75% of “the potential phishing messages made it into inboxes and were not in any way labelled to highlight them as spam or suspicious. Moreover, only 6% of messages were explicitly labelled as malicious.” Why does this number reflect so poorly on the email service providers? Because the researchers used “email content obtained from archives of reported **phishing attacks**.” That’s right! They used known phishing emails that had already been circulated and the email service providers found 6 out of 100. We’re not talking about zero-day exploits - phishing tactics that have never been seen before. The most basic phishing filters would have discovered these, which seems to imply that the email service providers aren’t doing any **phishing filtering** at all. According to Professor Steven Furnell, leader of CSCAN, “The poor performance of most providers implies they either do not employ filtering based on language content, or that it is inadequate to protect users.” **_Phishing attacks are on the rise_**. Phishing attacks are the cause of most **cybersecurity breaches**. No matter how much employee training there is, some employees will click on malicious links. And now we know that when it comes to [phishing protection](https://www.duocircle.com/email/phishing-protection), email service provider offer little in the way of protection. The bottom line is companies are on their own. If you want to protect your company from phishing attacks that lead to cyber breaches, you’re going to have to take matters into your own hands and deploy your own **phishing prevention technology**. One of the best ways to do that is with[ Phish Protection](/). ![Ceo fraud](https://media.mailhop.org/phishprotection/images/2019/08/ceo-fraud-7002.jpg) Phish Protection, cloud-based [email security service](https://www.duocircle.com/) with real-time link protection, is designed to do one thing really well: keep phishing emails OUT of the inbox. The exact thing email service providers have chosen not to do. Phish Protection works with all email platforms including Office 365\. It protects all devices, sets up in minutes and only costs pennies a day per employee. You may not be able to convince your email service provider to install **anti-phishing technology**, but that doesn’t mean you can’t protect your employees from phishing. Try Phish Protection for free for 30 days. ## Topics [ Phishing ](/tags/phishing/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Foundational 5m 0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[ Foundational 4m 13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[ Foundational 4m All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[ Foundational 4m 2021 Phishing Trends You Need To Be Wary Of Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Phishing Prevention: Email Providers Aren’t Helping Any","description":"How many employees have to get phished before they take action? How much ransomware has to be paid before they take action?","url":"https://phishprotection.com/blog/phishing-prevention-email-providers-arent-helping-any/","datePublished":"2019-08-17T11:22:22.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-08-17T11:22:22.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/phishing-prevention-email-providers-arent-helping-any/"},"articleSection":"foundational","keywords":"Phishing","wordCount":454,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/08/ceo-fraud-7002.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Phishing Prevention: Email Providers Aren’t Helping Any","item":"https://phishprotection.com/blog/phishing-prevention-email-providers-arent-helping-any/"}]} ```