Case Study

How Layered Email Security Blocked 2,000+ Phishing Attacks

Scottship Solutions Managed Email Security | Orlando, FL

Scope

Managed Email Security

Region

Orlando, FL

Client Industries

Nonprofits & Small Businesses


Key Results

2,000+
Phishing attacks blocked in one year
~5.5
Attacks stopped per day
0
Credentials compromised
<1 hr
Threat identification time

Services Used

Cybersecurity
Email Security
Fractional CIO


Security Layers

DMARC / DKIM / SPF Authentication
IRONSCALES AI Detection
Google Workspace Spam Filtering
Staff Security Training

Scottship Solutions manages email security for nonprofits and small businesses. Over the past year, our security stack blocked more than 2,000 phishing attacks targeting our clients. That is an average of roughly 5.5 attacks per day. And that number only counts what our AI-powered detection layer caught. It does not include the spoofed emails that DMARC and DKIM authentication rejected before they ever reached that layer.

Most of those 2,000+ attacks were stopped automatically. But two recent incidents illustrate why automated tools alone are not enough and why layered defense matters.

The Threat: 5.5 Phishing Attacks Per Day

Small businesses and nonprofits assume they are not worth targeting. The data says otherwise. Our clients collectively face an average of 5.5 phishing attempts every single day. These are emails designed to steal credentials, install malware, or trick staff into wiring money.

The security stack that stops these attacks operates in two distinct layers, and understanding the difference matters.

Layer 1: DMARC, DKIM, and SPF authentication. These protocols verify that an email actually came from the domain it claims to come from. When an attacker spoofs a sender address, pretending to be your bank, your vendor, or your boss, these checks catch it at the mail server level. The email is rejected before it ever reaches anyone’s inbox. This layer stops a high volume of commodity phishing, and the 2,000+ number does not even include what it filtered out.

Layer 2: IRONSCALES AI-powered detection. This is where things get harder. When an attacker compromises a real person’s real email account and sends phishing from it, the email passes SPF, DKIM, and DMARC because the sending infrastructure is legitimate. Authentication cannot help because the sender really is who they claim to be; their account has simply been taken over. IRONSCALES uses behavioral analysis and machine learning to identify these attacks based on content patterns, link analysis, and sender behavior anomalies. The 2,000+ blocked attacks in one year came from this layer.
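As an added illustration (not Scottship's code or tooling), here is a minimal DMARC alignment evaluator that shows why a spoofed sender fails Layer 1 while mail from a compromised real account passes it. The sample results are constructed and the organizational-domain logic is simplified to a two-label suffix.

```python
# Added example: minimal DMARC alignment check (not the page's own tooling).
from dataclasses import dataclass


def org_domain(domain: str) -> str:
    """Organizational domain, assuming a simple two-label public suffix.
    Real implementations consult the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """DMARC identifier alignment: 'strict' needs an exact match,
    'relaxed' accepts any subdomain of the same organizational domain."""
    if mode == "strict":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


@dataclass
class AuthResults:
    from_domain: str   # RFC5322.From domain, the one the recipient sees
    spf_result: str    # "pass" / "fail" / "none"
    spf_domain: str    # RFC5321.MailFrom domain SPF was evaluated against
    dkim_result: str   # "pass" / "fail" / "none"
    dkim_domain: str   # d= tag of the DKIM signature, "" if unsigned


def dmarc_passes(r: AuthResults, mode: str = "relaxed") -> bool:
    """DMARC passes when SPF or DKIM passes AND that identifier aligns with From."""
    spf_ok = r.spf_result == "pass" and aligned(r.spf_domain, r.from_domain, mode)
    dkim_ok = r.dkim_result == "pass" and aligned(r.dkim_domain, r.from_domain, mode)
    return spf_ok or dkim_ok


# Constructed sample 1: a spoof. The attacker's own server passes SPF for the
# attacker's domain, but From claims the nonprofit's domain, so nothing aligns.
SPOOFED = AuthResults("example.org", "pass", "attacker-mail.example", "none", "")

# Constructed sample 2: a compromised account. Mail genuinely leaves the
# nonprofit's tenant, so SPF (relay subdomain) and DKIM both pass and align.
COMPROMISED = AuthResults("example.org", "pass", "mail.example.org",
                          "pass", "example.org")
```

Both samples carry the same visible From address; only the second one is deliverable under a DMARC reject policy, which is exactly the case Layer 2 exists for.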

Two Attacks That Passed Every Authentication Check

In a single week, two phishing emails arrived that illustrate exactly why authentication alone is not enough. Both came from compromised Microsoft 365 accounts at real organizations. Both passed SPF, DKIM, and DMARC. Both were designed to harvest credentials. Our team caught both before anyone at the client organization ever saw them.

Attack #1: The Fake Invoice

A director at a human services nonprofit in North Carolina had their Outlook account compromised. The attacker used it to send a fake invoice notification to our client’s shared inbox. The email included the director’s real name, real title, and a professional legal disclaimer, all copied from the compromised account.

The “OPEN” button linked through a Google redirect chain to an Azure Blob Storage container named sharepoint26.blob.core.windows.net, designed to look like a legitimate SharePoint URL. It hosted a fake Microsoft login page built to steal credentials. The email was sent from the compromised account to itself and BCC’d to targets, hiding the full recipient list.

Google Workspace’s spam filter caught it and held it in moderation. It never reached anyone’s inbox. Our team pulled the raw email headers, decoded the obfuscated URLs, identified the credential harvesting page, and confirmed the compromise. We then notified the human services nonprofit that their director’s account had been taken over.

Attack #2: The Fake Event Invitation

A manager at a behavioral health organization in Ohio had their account compromised. The attacker sent an email inviting our client to review an “upcoming community event” via a Cognito Forms link, a legitimate form platform used as a phishing lure.

IRONSCALES flagged it as a first-time sender with suspicious content patterns. Our team identified the phishing indicators (the BCC-to-self pattern, the unsolicited link, the generic framing) and reached out to the behavioral health organization to let them know their account was compromised.

The Hacker Responded

This is where the attack became personal. When our team contacted the compromised account to warn them, the attacker, still controlling the account, replied within an hour: “It is legit. I sent the file for your review. Please let me know what you think about it. It is safe and secure.”

That was not the real account holder. It was the hacker, actively monitoring the compromised inbox and responding to anyone who questioned the phishing email. The attacker was trying to reassure our team into clicking. They had also modified the phone number in the email signature to a disconnected line so no one could call to verify independently.

This level of active social engineering is what separates these attacks from standard spam. The attacker was not just sending emails and hoping. They were running a live operation, watching for responses, and engaging directly with anyone who pushed back.

Why These Attacks Are Dangerous

These were not mass blast spam campaigns from spoofed domains. Both emails came from legitimate, compromised Microsoft 365 accounts at real organizations. They passed every standard authentication check. An organization relying only on DMARC, DKIM, and SPF would have delivered both straight to the inbox.

The attack techniques were layered and deliberate:

  • BCC-to-self delivery hides the target list and makes the email appear as a personal share
  • Google redirect chains obscure the true destination URL from both humans and automated scanners
  • Lookalike infrastructure uses Azure Blob Storage containers named to resemble SharePoint domains
  • Legitimate form platforms like Cognito Forms make the link look trustworthy
  • Active social engineering means the attacker monitors the compromised inbox and replies to reassure skeptical targets
  • Modified contact information replaces real phone numbers with disconnected lines to prevent out-of-band verification
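An added example, not the page's own analysis tooling, showing how the header and link indicators listed above can be checked programmatically over a constructed message modeled on Attack #1. The addresses, the Authentication-Results values and the redirect wrapper are made up; the container hostname is the one quoted in the case study.

```python
# Added example: triage of a constructed message for the indicators discussed above.
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import parse_qs, urlparse

# Constructed sample resembling Attack #1: sender and recipient are the same
# mailbox (targets were BCC'd), every authentication check passes, and the
# "OPEN" link is wrapped in a Google redirect pointing at a lookalike container.
RAW = b"""From: "A. Director" <director@nonprofit.example>
To: director@nonprofit.example
Subject: Invoice for review
Authentication-Results: mx.example; spf=pass smtp.mailfrom=nonprofit.example;
 dkim=pass header.d=nonprofit.example; dmarc=pass header.from=nonprofit.example
Content-Type: text/html

<p>Please review the attached invoice.</p>
<a href="https://www.google.com/url?q=https%3A%2F%2Fsharepoint26.blob.core.windows.net%2Finvoice%2Flogin.html">OPEN</a>
"""


def unwrap_redirect(url: str) -> str:
    """Follow a Google /url?q= wrapper to its real destination (one hop)."""
    p = urlparse(url)
    if p.netloc.endswith("google.com") and p.path == "/url":
        return parse_qs(p.query).get("q", [url])[0]  # parse_qs percent-decodes q
    return url


def lookalike_blob(host: str) -> bool:
    """Azure Blob Storage container whose name imitates SharePoint."""
    return host.endswith(".blob.core.windows.net") and "sharepoint" in host.split(".")[0]


def triage(raw: bytes) -> list[str]:
    """Return the indicator names found in the message, in the order checked."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    auth = str(msg.get("Authentication-Results", ""))
    if all(f"{m}=pass" in auth for m in ("spf", "dkim", "dmarc")):
        findings.append("auth-pass")  # Layer 1 alone would have delivered this
    sender = parseaddr(str(msg.get("From", "")))[1]
    if sender and sender == parseaddr(str(msg.get("To", "")))[1]:
        findings.append("bcc-to-self")
    body = msg.get_body(preferencelist=("html", "plain")).get_content()
    for url in re.findall(r'href="([^"]+)"', body):
        dest = unwrap_redirect(url)
        if dest != url:
            findings.append("redirect-chain")
        if lookalike_blob(urlparse(dest).netloc):
            findings.append("lookalike-blob")
    return findings
```

Note that "auth-pass" is listed as a finding only because, combined with the other indicators, it tells the analyst that authentication cannot be relied on to reject this message.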

For a small organization without layered email security, either of these emails could have resulted in a credential compromise that cascaded into a full account takeover, the same kind of compromise that created the attack in the first place.

What Stopped Them

No single tool caught both attacks. What stopped them was the same layered approach that blocks 5.5 attacks per day across our client portfolio: automated filtering, AI-powered detection, and a security team that knows what to look for.

Automated Filtering

The first attack was caught by Google Workspace’s built-in spam classification, which held the message in a moderation queue. The second was flagged by IRONSCALES as a first-time sender with suspicious content patterns. Neither filter alone would have caught everything, but together they created enough friction to surface both threats for review.

Scottship’s Security Team

Our team identified both threats before anyone at the client organization interacted with them. We pulled the raw email headers, decoded the obfuscated URLs, identified the Azure Blob Storage credential harvesting page, confirmed the BCC-to-self sending pattern, and determined that both source accounts at external organizations were compromised. We notified both organizations through independent channels. When one of those notifications was intercepted by the hacker and met with a reassuring response, we recognized the social engineering immediately and did not engage further.

The Takeaway

Small organizations are not too small to be targeted. Our clients face an average of 5.5 phishing attacks per day. These are not random. They target organizations through compromised accounts in their own professional networks. Attackers go after small firms precisely because they assume small firms do not have the security infrastructure to catch them.

Email authentication is necessary but not sufficient. DMARC, DKIM, and SPF are essential. They stop a massive volume of spoofed email before it reaches anyone. But when an attacker compromises a real account, authentication passes because the sender is legitimate. You need a second layer that analyzes behavior and content, not just identity.

The numbers tell the story. Over 2,000 phishing attacks blocked in one year by AI-powered detection alone. That does not include what DMARC and DKIM stopped at the authentication layer. For organizations without either layer, every one of those attacks would have reached someone’s inbox.

Hackers fight back. When we notified one of the compromised organizations, the attacker responded from the stolen account pretending everything was fine. If you contact a compromised sender and they tell you the email is legitimate, that is not verification. That may be the hacker talking. Always verify through an independent channel, never by replying to the suspicious email.

Your partners’ security is your security. Both attacks originated from compromised accounts at external organizations. You can have perfect internal security and still be targeted through your professional network. Layered defense (automated filtering, AI detection, and a dedicated security team) is what turns a compromised partner into a blocked email instead of a breach.

Would your team catch 5.5 phishing attacks a day?

Most small businesses do not find out about phishing until after someone clicks. Scottship’s managed email security stops threats before they reach your inbox. Over 2,000 blocked in the last year alone.

Schedule a Consultation