Home  /  Email Defence Services

Solutions

Email Defence Services

Email is the number one way attackers get in. We filter and block threats before they reach your team's inbox — not after.

Email Defence Services

Over 90% of cyberattacks start with an email. A convincing phishing link, a malicious attachment disguised as an invoice, a fake Microsoft login page: your staff are targeted every single day, and all it takes is one click.

We filter and block these threats before they reach the inbox. Not after.

What we protect against

Phishing (fake emails designed to steal passwords or money)

Phishing emails impersonate banks, suppliers, Microsoft, HMRC, and senior colleagues to trick your staff into clicking a link or handing over credentials. Modern phishing is convincing. We scan every inbound email for phishing indicators and block or quarantine suspicious messages automatically, before anyone has the chance to click.

Spam and junk mail

Unwanted email wastes time and, at volume, can be used to conceal real attacks among the noise. Our filtering removes spam before it reaches your team's inbox, without over-blocking legitimate email.

Malicious attachments (email-borne malware)

Infected PDFs, Word documents with embedded macros, fake invoices, zip files containing ransomware: every inbound attachment is scanned automatically. If it looks suspicious, it is quarantined before delivery.

Business email compromise (BEC)

This is one of the fastest-growing threats to small businesses. An attacker spoofs or hacks a senior employee's email address, then sends a convincing request to transfer money, change bank details, or share sensitive data. We apply sender authentication controls (SPF, DKIM, and DMARC) that make it significantly harder for attackers to impersonate your domain or your suppliers' domains.

Outbound filtering

If a device on your network is compromised and starts sending malicious or spammy email without your knowledge, outbound filtering catches it before it damages your domain's reputation or spreads infection to clients and partners.

Email encryption

For businesses that handle sensitive information by email, we configure encryption so that confidential messages are protected in transit. Whether it is triggered by content, by the recipient, or applied manually, your sensitive communications stay secure between sender and recipient.

Works with your existing email platform

We manage email security alongside Microsoft 365 (Exchange Online), Google Workspace (Gmail), and on-premise Exchange. There's nothing for your team to install or change: we configure the security layer at the platform level and it works in the background from day one.

Part of a broader security approach

Email filtering is one layer. On its own it does not make you secure. We combine it with two-step login (MFA) on all email accounts, web-level threat blocking (DNS filtering), and endpoint protection across every device, so that if something does get through, there are further controls in place to contain it.

If you are not sure whether your current email setup is protected, the free site survey will tell you.

One monthly fee. One number to call.

The day-to-day risk of your team being targeted by email attacks becomes our job, not yours.

Book your free site survey   or call +44 (0) 207 403 4031

FAQ

Common questions

What is email defence and why do I need it?

Email defence is a layer of security that filters and blocks threats before they reach your team’s inbox. Over 90% of cyberattacks start with an email, whether that is a phishing link, a malicious attachment, or a fake login page.

Email defence services scan every inbound and outbound message automatically, blocking threats at the gateway before anyone in your business has the chance to click on something dangerous. Without it, your staff are the only line of defence against attacks that are specifically designed to look legitimate.

What is phishing and how does email defence protect against it?

Phishing is an email designed to trick the recipient into clicking a malicious link, handing over login credentials, or transferring money. Phishing emails commonly impersonate banks, HMRC, Microsoft, suppliers, and senior colleagues. Modern phishing attacks are highly convincing and difficult to spot by eye.

Our email defence service scans every inbound message for phishing indicators, including sender impersonation, suspicious links, and domain spoofing, and blocks or quarantines suspicious messages before they reach the inbox.

What is business email compromise and how common is it?

Business email compromise, sometimes called BEC, is one of the fastest-growing and most financially damaging cyber threats to small businesses. It involves an attacker spoofing or hacking a senior employee’s email address, then sending a convincing request to transfer money, change supplier bank details, or share sensitive information. The email looks like it comes from someone the recipient trusts.

We protect against this by configuring sender authentication controls, specifically SPF, DKIM, and DMARC records, which make it significantly harder for attackers to impersonate your domain or your suppliers’ domains.

What are SPF, DKIM, and DMARC?

SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) are three email authentication standards that work together to verify that an email claiming to come from your domain was actually sent by you. Without them, anyone can send an email that appears to come from your address.

With them in place, receiving email servers can verify the email’s origin and reject or flag messages that fail the check. We configure all three as part of our email defence service and check them regularly as part of ongoing domain monitoring.

Does email defence protect against malicious attachments?

Yes. Every inbound email attachment is scanned automatically before it is delivered. Infected PDFs, Word documents with embedded macros, fake invoices, zip files containing ransomware, and other malicious file types are caught and quarantined before they reach your team.

We also block specific high-risk file types from being delivered at all, reducing the risk of a dangerous attachment being opened accidentally.

What is outbound email filtering and why does it matter?

Outbound filtering scans emails leaving your organisation as well as those arriving. If a device on your network is compromised and starts sending malicious or spammy emails without your knowledge, outbound filtering catches it before it damages your domain’s sender reputation, gets your domain blacklisted, or spreads infection to clients and partners.

A compromised email account sending spam is also a sign of a broader security incident that needs to be investigated immediately. Outbound filtering flags this automatically.

Does email defence work with Microsoft 365 and Google Workspace?

Yes. Our email defence service integrates with Microsoft 365, including Exchange Online, and Google Workspace, including Gmail, as well as on-premise Microsoft Exchange. The security layer is configured at the platform level and works in the background without any changes needed on individual devices or by individual users.

Is email encryption included in email defence services?

Yes. For businesses that handle sensitive information by email, we configure email encryption so that confidential messages are protected in transit between sender and recipient. Encryption can be triggered automatically based on the content of the message, the recipient, or applied manually by the sender.

This is particularly relevant for businesses handling personal data, financial information, legal documents, or any other sensitive material that should not be readable if intercepted.

How is email defence different from the spam filter already built into Microsoft 365?

Microsoft 365 includes a baseline level of spam and malware filtering, called Microsoft Defender for Office 365, but the default settings are not sufficient on their own. The built-in filtering needs to be configured correctly to be effective, and even then it benefits from additional layers.

Our email defence service combines correct configuration of Microsoft’s native tools with additional policies covering anti-phishing, safe links, safe attachments, and sender authentication, giving you a more comprehensive and correctly enforced level of protection than default Microsoft 365 settings provide.

Can email defence stop ransomware delivered by email?

It significantly reduces the risk. Ransomware is frequently delivered via email, either as a malicious attachment or a link to a download. Our email defence service scans attachments, checks links, blocks dangerous file types, and quarantines suspicious messages before they reach the inbox.

No email filtering is 100% effective, which is why we combine it with endpoint protection, web-level threat blocking via DNS filtering, and automatic patching. Multiple overlapping layers of protection ensure that if something gets through one control, others are in place to catch it.

Is email defence included in a Network Fish managed support contract?

Email defence configuration and ongoing management is included for managed support clients as part of the security stack we deploy and maintain. This covers the configuration of anti-phishing, safe links, safe attachment, and outbound filtering policies within your Microsoft 365 or Google Workspace environment, as well as SPF, DKIM, and DMARC configuration for your domain.

If you require a dedicated third-party email security gateway in addition to platform-level filtering, this can be quoted as an additional service following a free site survey.

What should I do if a phishing email gets through to my team?

Report it immediately. In Microsoft 365, users can report suspicious emails directly using the Report Message button in Outlook, which sends it to Microsoft for analysis and helps improve filtering. You should also notify your IT support provider so they can investigate whether anyone clicked any links or attachments, check for signs of account compromise, and tighten filtering rules to prevent similar messages getting through in future.

Network Fish clients should call our helpdesk immediately if a suspected phishing email is reported by a member of staff, so we can assess and respond quickly.