Business-critical mails in spam folders: Why real emails look fake now
In the fight against phishing, forward-thinking organisations are winning. But there's a twist. The heightened vigilance that has empowered employees to detect suspicious emails is now creating a new dilemma: legitimate, business-critical messages are being flagged, ignored, or buried in spam folders. And in today's AI-fuelled cyber landscape, that reaction may be as justified as it is damaging.
Phishing works and it's reshaping trust
The release of generative AI tools has supercharged phishing attempts. KnowBe4's Phishing Threat Trend Report 2025 (https://apo-opa.co/4kdUXIx) shows that more than 80% (https://apo-opa.co/3TNjJnN) of the analysed phishing emails were augmented by AI, and they're far more convincing than before.
'The gut-check we used to rely on has been gamed – and even the large language models now being explored to help detect suspicious emails are also struggling,' says Anna Collard, SVP of Content Strategy&Evangelist at KnowBe4 Africa. 'They're forced to dig deeper, assessing tone, context, and subtler red flags.'
The result? Suspicion is now the default
And it's not unwarranted. Maturing cybersecurity awareness and phishing simulation programs have helped sharpen employees' scepticism (https://apo-opa.co/3GpDVcj). But this success has revealed a new problem: overcorrection.
Emails that are real – from HR, IT, legal, or sales – are now increasingly being misjudged. In some cases, they're wrongly flagged as phishing by either people or systems.
In others, they're simply ignored. The irony is that some of the most common and legitimate corporate communication traits are now the very ones that raise red flags:
Urgency: 'Sign this by COB today'; or when every email from a colleague is marked 'urgent'
Unexpected senders: e.g. HR tools or SaaS platforms
Calls to action: 'Click here to confirm'
Stylistic quirks: overly polished copy, too many links or bold phrases
Tech misalignments: emails from legitimate senders failing DMARC or DKIM checks
'Even just using a third-party sender domain can cause confusion,' says Collard. 'If staff don't expect it – or don't recognise the platform – the message can get flagged.'
For good reason too, as according to KnowBe4's Phishing Threat Trend Report (https://apo-opa.co/4kdUXIx) the top 5 legitimate platforms used to send out phishing emails include popular business tools such as DocuSign, Paypal, Microsoft, Google Drive, and Salesforce.
The cost of false positives
When real emails get sidelined, the impact is more than a missed message. Delayed IT updates, ignored HR deadlines, and lost sales opportunities can create serious ripple effects across operations. Deliverability issues also erode trust. And in high-stakes environments like healthcare, legal services or finance, false positives can become costly very quickly.
So, how do you write emails that get read – not flagged?
To combat this growing challenge, organisations need to stop thinking of phishing risk as purely a recipient problem. Legitimate internal emails need to look legitimate too.
Here's how every team – from HR to IT to marketing – can write more trustworthy emails:
Write Like a Human, Deliver Like a Pro
Subject lines should set expectations
Use clear, predictable language. Instead of 'IMPORTANT: Read this now!', try 'Reminder: Benefits enrollment closes Friday'.
Lead with context before asking for action
Start with a reference point: 'You recently submitted a travel claim...' or 'As part of your onboarding...'.
Limit urgency to what's truly urgent
Too many 'ASAP's will breed indifference. Use urgency sparingly – and explain why it matters. Remember:
If everything is urgent; nothing is.
Minimise links and avoid vague CTAs
Avoid phrases like 'click here' or hyperlinking whole sentences. Provide a fallback path:
'Or log into your dashboard directly (https://Training.KnowBe4.com)'.
Be cautious with tone and formatting
Avoid shouty subject lines, gimmicky language, or inconsistent formatting that can trigger filters.
Test before sending
Run your email through spam-filter testing tools to see what might flag it (Mail-Tester.com or GlockApps.com).
Get your digital paperwork in order
Even the best-written email may never reach its recipient if your authentication protocols aren't properly configured. SPF, DKIM, and DMARC are three essential technical settings that help prove your email really came from your domain.
SPF tells email providers which servers are allowed to send emails using your domain name — helping stop spammers from pretending to be you.
DKIM adds a digital signature to your emails to prove they really came from you and weren't changed along the way.
DMARC brings SPF and DKIM together by setting rules for what to do with suspicious emails (like send them to spam or block them) and sends reports to your IT team so they can spot abuse.
'These protocols are a bit like a digital passport,' Collard explains. 'Without them, even a genuine email may not make it through.'
But even technically sound emails can fall flat if they don't look legitimate to the reader. That's why it's just as important to consider how your internal teams craft and send messages.
Internal brand security: don't just train recipients – train senders too
Cyber awareness is often focused on detection. But to maintain deliverability and trust, sender behaviour matters too. Teach teams to avoid accidental red flags. Share templates and subject line guides. And ensure that employees – especially those sending to large groups – understand the basics of trustworthy communication.
Consistency is key. Make sure communications come from the same official addresses, follow familiar formats, and maintain a recognizable tone. This teaches recipients what to expect – and what to be cautious of – building a clearer line between legitimate messages and possible fakes.
'This is part of internal brand hygiene,' says Collard. 'When your team consistently communicates clearly and predictably, you build trust over time – with both employees and clients. That trust makes your emails easier to recognise, safer to deliver, and more likely to be opened.'
In a world where AI can impersonate your tone and template with ease (https://apo-opa.co/3TPcb3X), your best defence is to sound like yourself – and help others know what to expect when you speak.
Distributed by APO Group on behalf of KnowBe4.
Contact details:
Anne Dolinschek
KnowBe4
Email: anned@knowbe4.com
TJ Coenraad
Red Ribbon
Email: tj@redribboncommunications.co.za
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Business
6 hours ago
- Arabian Business
Mastercard's $10bn cyber push: Adam Jones on AI, identity and the future of digital trust
As the Middle East and North Africa accelerate their shift toward digital economies, cybersecurity has emerged as a critical pillar underpinning this transformation. Mastercard, a leader in payment technology, is doubling down on this mission with a $10 billion investment aimed at strengthening digital trust and resilience. Adam Jones, Executive Vice President and Division President for West Arabia, shares insights into Mastercard's regional strategy, including the recent launch of its Cyber Resilience Center in Saudi Arabia and explains how cutting-edge AI and identity verification technologies are setting new standards for secure, seamless payments across MENA. Over the past seven years, Mastercard has invested $10 billion in developing advanced cybersecurity solutions. Can you elaborate on your strategy in this space and the outcomes of your investment? At Mastercard, we are committed to securing the digital economy through simple, seamless, and secure solutions. Our strategy focuses on assessing risks, protecting data, and building trust across every interaction, whether with consumers, businesses, or governments. We work closely with both the public and private sectors to establish more robust cybersecurity standards. As part of our long-term strategy, we've continuously invested in innovation and cutting-edge technologies to stay ahead of evolving cyber threats. This includes the acquisition of companies such as Brighterion, RiskRecon, and NuData, each bringing specialised capabilities in AI, risk assessment, and behavioral analytics to enhance our cybersecurity ecosystem. One of the key areas of opportunity is identity verification and management. By integrating these capabilities with our fraud prevention tools, we're developing more proactive, intelligent defenses. We use biometric authentication, behavioral insights, and AI-powered identity verification to ensure that every transaction is both secure and truly verified. A prime example of this innovation is Mastercard Payment Passkey, which we are rolling out across the region in collaboration with Network International. This solution eliminates the need for one-time passwords and instead uses device-based biometric authentication, like fingerprint, facial recognition, or iris scan—for a faster and more secure checkout experience. Importantly, no payment or biometric data is shared with third parties, helping to protect consumers from fraud and scams while simplifying their e-commerce journey. AI can be used for different things – even bad actors can use it to sow discord. How is Mastercard harnessing the power of AI to proactively identify cyber risks, strengthen threat responses and secure the digital ecosystem in the face of growing e-commerce? At Mastercard, we recognise both the potential and the risks that come with AI. That's why we've embedded artificial intelligence and machine learning across our cybersecurity solutions, to proactively detect threats, respond faster, and protect the integrity of the digital ecosystem. AI enables us to analyse vast volumes of data in real time to identify patterns, anomalies, and potential risks that might otherwise go undetected. This allows for faster, more precise intervention against increasingly sophisticated fraud and cyber threats. In 2023, we launched Decision Intelligence Pro, our next-generation fraud detection solution powered by generative AI. This breakthrough technology has the potential to enhance fraud detection by up to 300%, offering a powerful layer of protection for consumers and financial institutions alike. We're excited to extend these benefits to our customers across the region. As cybercrime and payment fraud continue to converge, our strategy has evolved to address broader and more complex threats. One of our most significant moves in this space is the acquisition of Recorded Future, the world's largest AI-driven threat intelligence company. This acquisition strengthens our ability to provide real-time, actionable intelligence by leveraging Recorded Future's Intelligence Graph®, a unique AI-powered platform that connects data across millions of sources to deliver the most comprehensive and unbiased threat insights globally. By integrating Recorded Future's capabilities with Mastercard's existing fraud and cybersecurity solutions, we're creating a global security ecosystem that provides unmatched protection and trust for our partners, across both public and private sectors. The ongoing digital transformation in the Middle East and North Africa (MENA) has created fertile ground for cybercrime. Governments and companies are putting up defenses, with revenue in the region's cybersecurity market projected to reach US$4.63 billion this year. Can you tell us more about Mastercard's contribution to cybersecurity efforts in the region? At Mastercard, we are committed to advancing cybersecurity and building trust in the digital economy across MENA. Our approach brings together identity verification, AI-driven analytics, threat intelligence, and real-time fraud monitoring, creating a robust, end-to-end security framework. In partnership with Network International, we introduced our Brighterion AI technology to 60,000 merchants across the Middle East and Africa. This solution, which is both scalable and easy to implement, continuously monitors transactions for compliance and fraud, adapting in real time to evolving threats. In Saudi Arabia, we are working closely with Saudi Awwal Bank (SAB) to deploy Mastercard Gateway's Transaction Risk Management (TRM) solution. This AI-powered technology proactively assesses each transaction, helping detect vulnerabilities and reduce financial risk, while ensuring safe and seamless digital payments for customers. We also empower banks and businesses with the tools and knowledge they need to stay ahead of threats. The Mastercard Trust Center offers resources, insights, and practical toolkits to help institutions strengthen their cybersecurity posture. Meanwhile, Mastercard Cyber Secure provides acquirers with a real-time, URL-based snapshot of their merchants' cyber risk, enabling faster, smarter decision-making. By collaborating with regional players and leveraging advanced technologies, we're helping shape a more secure digital future for MENA. Mastercard has a strong presence in the MENA region. What led you to choose Saudi Arabia as the location for your new Cyber Resilience Center? Saudi Arabia is undergoing a remarkable transformation under Vision 2030, which positions innovation, digitalisation, and economic diversification as key drivers of national progress. As part of this vision, the Kingdom has set a goal for 70% of all payment transactions to be digital by the end of the decade, creating immense opportunities for fintech growth and the need for robust cybersecurity. The government's commitment to realising this vision has made Saudi Arabia a fertile ground for technological innovation and investment. Its advanced digital infrastructure, progressive regulatory environment, and a young, tech-savvy population create ideal conditions for launching future-focused initiatives like our Cyber Resilience Center. The center in Saudi Arabia also complements Mastercard's global network of cybersecurity operations, allowing us to bring international best practices while adapting to the region's specific needs. It's a critical step in our mission to secure digital commerce worldwide and serve as a trusted partner to governments and businesses across the region. What benefits will the Cyber Resilience Center bring to the Saudi payments landscape? The launch of the Cyber Resilience Center marks a significant milestone in strengthening Saudi Arabia's cybersecurity capabilities and protecting the integrity of its fast-growing digital economy. As the Kingdom accelerates toward a cashless society under Vision 2030, the center will help ensure the financial sector remains secure, trusted, and prepared for future growth. Designed as a regional hub, the center will empower organisations with the tools, intelligence, and expertise needed to detect, prevent, and respond to cyber threats in real time. It will also foster deeper collaboration between public and private stakeholders, helping to elevate cybersecurity standards across the wider MENA region. In addition to its technical capabilities, the center will support the development of local talent through cybersecurity training, certifications in Arabic, and ongoing knowledge-sharing sessions. By strengthening cyber readiness and establishing shared benchmarks, it aims to build a more resilient and innovative digital payments landscape. We're also proud to bring on Riyad Bank as our first partner, working with us to advance cybersecurity best practices in Saudi Arabia and beyond.
Zawya
7 hours ago
- Zawya
CORRECTION: African Development Bank, Asian Infrastructure Investment Bank (AIIB) sign Memorandum of Understanding (MOU) renewing their collaboration on sustainable economic development for Africa
The African Development Bank ( and the Asian Infrastructure Investment Bank (AIIB) have signed an agreement strengthening their collaboration on sustainable economic development, designed to boost infrastructure development and economic opportunities across the African continent. The Memorandum of Understanding, which builds on an earlier one in 2018, was signed by African Development Bank president, Dr. Akinwumi Adesina, and AIIB President and Chair of the Board of Directors Jin Liqun on Saturday 28 June. The signing took place on the sidelines of a meeting of Heads of Multilateral Development Banks held in Paris, France, the same day. The agreement outlines continued collaboration from both parties in six priority areas, aligned with the Bank Group's Ten-Year Strategy 2024–2033 as well as AIIB's Corporate Strategy and its Strategy on Financing Operations in Non-Regional Members. The areas are: (i) Green infrastructure (ii) Industrialization (iii) Private capital mobilization including Public - Private Partnerships (iv) Cross-border-connectivity (v) Digitalization; and (vi) Policy-based financing The MOU will promote among other things, co-financing, co-guaranteeing and other forms of joint participation in financial assistance for development projects primarily in sustainable infrastructure. The African Development Bank and AIIB's existing cooperation in this area, includes providing guarantees to support the issuance of Egypt's first Sustainable Panda Bond in 2023, valued at RMB 3.5 billion. This historic issuance—backed by guarantees from both AfDB and AIIB—marked the first African sovereign bond placed in the Chinese interbank bond market. The guarantees provided by the two triple-A-rated multilateral banks were instrumental in de-risking the transaction, enabling Egypt to secure competitive terms and attract investor confidence. 'This partnership continues to be an effective pathway to provide economic development for our member countries, especially in infrastructure. By reaffirming today, we are boosting energy access by accelerating Mission 300 which is targeting to connect 300 million people to electricity by 2030,' Dr Adesina said. Mr. Jin Liqun remarked: "The renewal of our partnership with the African Development Bank reflects AIIB's commitment to supporting sustainable development beyond Asia. Through this collaboration, we can leverage our combined expertise to deliver transformative projects that will benefit millions across the continent and create prosperity through quality infrastructure investment." Distributed by APO Group on behalf of African Development Bank Group (AfDB). Editor's note: This press release is re-issued to correct an error in the number of members AIIB has worldwide. An earlier version issued today 30 June, incorrectly stated that it has 84 members, instead of 110. Contact: Amba Mpoke-Bigg Communication and External Relations Department Email: media@ About the Asian Infrastructure Investment Bank (AIIB): The Asian Infrastructure Investment Bank is a multilateral development bank dedicated to financing 'infrastructure for tomorrow,' with sustainability at its core. AIIB began operations in 2016, now has 110 approved members worldwide, is capitalized at USD100 billion and is AAA-rated by major international credit rating agencies. AIIB collaborates with partners to mobilize capital and invest in infrastructure and other productive sectors that foster sustainable economic development and enhance regional connectivity. About the African Development Bank Group: The African Development Bank Group is Africa's premier development finance institution. It comprises three distinct entities: the African Development Bank (AfDB), the African Development Fund (ADF) and the Nigeria Trust Fund (NTF). On the ground in 41 African countries with an external office in Japan, the Bank contributes to the economic development and the social progress of its 54 regional member states. For more information:
Zawya
9 hours ago
- Zawya
Hydrogen Growth, Water Risk – Can Africa Balance Both?
Free Live Webinar Hosted by ESI Africa Reserve My Seat Now ( As Africa positions itself to lead in the green hydrogen economy, one vital resource sits at the centre of this transformation: water. Green hydrogen production via electrolysis requires large quantities of water — a pressing challenge on a continent where water scarcity already threatens communities, agriculture, and industry. Join ESI Africa for a live webinar unpacking the complex connection between hydrogen development and water resource management across Africa. This session will explore the opportunities, trade-offs, and innovations shaping the continent's sustainable hydrogen future. What You'll Learn: The water intensity of green hydrogen — and what it means for Africa Technologies enabling hydrogen production with minimal freshwater use Planning and policy tools to align hydrogen development with water sustainability Africa's potential to lead a balanced, green hydrogen economy Secure your seat now – space is limited ( Why Attend? This is a critical conversation for energy planners, water authorities, hydrogen developers, policymakers, and anyone working at the intersection of Africa's energy and environmental future. Learn how Africa can scale hydrogen without compromising water security. Date: 24 July 2025 Time: 14:00–15:00 (SAST) Format: Free Virtual Webinar Registration Link: Readers can also read more about the webinar here: Distributed by APO Group on behalf of Vuka Group.
