85% of Breaches Start in Your Inbox — Is Yours Protected?
Email is the attack vector in 85% of UK breaches. AMVIA's managed email security stops phishing, BEC, and malware before they reach your team — with DMARC configuration, attachment sandboxing, and phishing simulation training. Trusted by 1,200+ UK businesses.
Email security is the set of controls that stop phishing, malware, account takeover and spoofing reaching your inbox. It combines filtering, domain authentication (DMARC, DKIM, SPF) and staff training. AMVIA manages all three as a single security-first service for 1,200+ UK businesses — one provider, Microsoft-certified.
What Is Email Security?
Email security encompasses the technologies and processes that protect your business email from phishing attacks, malware delivery, account compromise, and email spoofing. An effective email security solution combines filtering (blocking malicious emails before they reach the inbox), authentication (verifying that emails claiming to be from your domain are genuine), and awareness training (helping your staff recognise and report suspicious emails). Microsoft 365 includes baseline email filtering, but most businesses need additional controls to protect against sophisticated attacks.
What Our Email Security Service Includes
AMVIA manages all layers of email security for UK businesses — from filtering and authentication to simulated phishing campaigns and user training.
Anti-Phishing and Spam Filtering
Advanced email filtering using machine learning and threat intelligence to block phishing emails, malware-laden attachments, and malicious URLs before they reach your users' inboxes.
DMARC, DKIM, and SPF Configuration
Email authentication protocols that verify messages are genuinely from your domain — preventing attackers from impersonating your business to suppliers, clients, or staff. We configure and monitor all three.
Business Email Compromise (BEC) Protection
AI-based detection of impersonation attacks where criminals pose as senior staff or trusted suppliers to authorise fraudulent payments. BEC is the highest-value email threat facing UK SMEs.
Attachment Sandboxing
Suspicious email attachments are detonated in an isolated sandbox environment before being delivered, preventing weaponised documents and executables from reaching your users.
Email Archiving and Continuity
Compliant email archiving for regulatory purposes (FCA, SRA, GDPR), plus email continuity services that keep your inbox accessible even if Microsoft 365 suffers an outage.
Phishing Simulation Training
Regular simulated phishing campaigns test your staff's awareness, with targeted training for users who click. Measurably reduces susceptibility to real phishing attacks over time.
Email Security Checklist
Key email security controls every UK business should have in place.
DMARC policy configured with p=quarantine or p=reject
DKIM signing enabled for your email domain
SPF record published and validated
MFA enforced on all email accounts
Attachment and URL scanning active on inbound email
Staff phishing awareness training completed in the last 12 months
This page sits under our managed cybersecurity pillar. If email is where your risk concentrates, start here, then book a free security audit to see exactly where your defences leak.
How does managed email security work?
Managed email security layers three defences and keeps them tuned: filtering blocks malicious mail at the gateway, authentication proves who really sent a message, and simulation training hardens your people. AMVIA runs all of it on Microsoft Defender plus the Barracuda email suite, so accountability never splits across vendors.
What we manage for you:
- Anti-phishing and spam filtering — machine-learning and threat-intelligence filtering blocks phishing, malicious URLs and weaponised attachments before delivery.
- DMARC, DKIM and SPF — we configure and monitor all three so attackers cannot impersonate your domain. See our dedicated DMARC, DKIM and SPF setup service.
- Business Email Compromise detection — behavioural analysis flags impersonation of executives and suppliers; detail on our business email compromise page.
- Attachment sandboxing — suspicious files are detonated in isolation before they reach a user.
- Email archiving and continuity — tamper-evident archiving and inbox access that survives a Microsoft 365 outage.
- Phishing simulation training — measured campaigns that cut click rates, covered on our phishing simulation page.
Why do UK SMEs need email security?
Email is the single biggest attack surface for UK businesses, and the default Microsoft 365 filtering most firms rely on does not stop targeted attacks. Phishing was the most common breach type identified in the UK Government's 2025 survey, affecting roughly 85% of businesses that reported a breach.
The numbers are blunt:
- 85% of UK cyber breaches involve a phishing attack as the initial entry point (DSIT 2025) — confirmed in the Cyber Security Breaches Survey 2025.
- £100,000–£150,000 typical loss from a successful Business Email Compromise (BEC) attack on a UK business (typical UK 2026 range).
- overall IC3-reported cybercrime losses increased 33% from 2023 (FBI IC3 2024 report).
- 1,200+ UK businesses protected by AMVIA's managed email security service.
The NCSC's phishing guidance is clear that technical controls and user awareness have to work together — which is exactly how we build the service.
What's the difference between in-house and managed email security?
In-house email security depends on one busy admin keeping policies, DNS records and training current. Managed email security gives you a dedicated team owning all of it with a 24/7 SOC behind the alerts. The table below shows where the gap shows up.
| Capability | In-house / default M365 | AMVIA managed email security |
|---|---|---|
| Filtering tuning | Default settings, rarely reviewed | Defender + Barracuda, tuned and audited |
| DMARC/DKIM/SPF | Often missing or in monitor-only | Configured, monitored, moved to enforcement |
| BEC / impersonation detection | Limited | Behavioural detection on every inbound |
| Phishing simulation | Ad hoc or none | Quarterly campaigns with department reporting |
| Archiving and continuity | Manual or absent | Compliant archiving + outage continuity |
| Response when something slips through | Whoever is free | In-house 24/7 SOC |
What types of email attack does it stop?
Email attacks split into a handful of repeatable patterns, and a layered service is built to counter each one. Filtering and sandboxing handle malware; authentication handles spoofing; behavioural detection and trained staff handle the social-engineering attacks that carry no payload at all.
- Phishing — mass emails impersonating banks, HMRC or Microsoft to harvest credentials.
- Spear-phishing — researched, personalised attacks aimed at finance and IT staff.
- Business Email Compromise — payment-fraud impersonation that uses trust, not malware.
- Malware delivery — macro documents, ZIPs and links that drop ransomware or remote-access tools.
- Spoofing — mail forged to look like your own domain, which DMARC, DKIM and SPF shut down.
How do DMARC, DKIM and SPF protect your domain?
DMARC, DKIM and SPF are DNS records that let receiving servers verify mail genuinely came from your domain. SPF lists your authorised senders, DKIM signs each message cryptographically, and DMARC decides what happens to anything that fails. Together they stop attackers sending mail as you.
We deploy DMARC in monitoring mode first, review the aggregate reports, clean up legitimate senders, then move to `p=quarantine` or `p=reject` — so enforcement never blocks real business mail. Microsoft's own guidance on email authentication is documented at learn.microsoft.com.
Microsoft 365 email security vs a managed service — what's the difference?
Microsoft 365 includes real protection: Business Premium ships Microsoft Defender for Office 365 Plan 2 with Safe Links, Safe Attachments and anti-phishing policies. The catch is configuration — the default settings are not the most secure settings, and Basic and Standard tiers only include Exchange Online Protection.
AMVIA audits your licence, tunes Defender to a hardened baseline, and adds the Barracuda email gateway where the tier needs more — sandboxing, archiving and continuity. For deeper Microsoft hardening, see Microsoft Defender for Business. Regulated firms — for example SRA-regulated law firms — also get archiving that supports FCA, SRA and GDPR retention obligations.
How much does managed email security cost?
For businesses already on Microsoft 365 Business Premium, AMVIA's management service costs from £5 per user per month, covering Defender tuning, DMARC implementation and phishing simulations. Where a tier needs a third-party gateway, expect £3–£8 per user per month for the gateway licence on top of management.
The underlying Microsoft licences are list-priced (ex VAT, annual) on microsoft.com/en-gb: Business Basic £4.60, Business Standard £9.60 and Business Premium £16.90 per user per month. Premium is usually the cheapest route to strong email security because Defender Plan 2 is bundled in.
Frequently Asked Questions
It depends on your licence and configuration. Business Premium includes Defender for Office 365 Plan 2, which is strong once tuned, but Basic and Standard only include Exchange Online Protection. Default settings are rarely the most secure. AMVIA audits your tier and adds a Barracuda gateway only where it genuinely improves filtering.
BEC is fraud where an attacker impersonates an executive or supplier to authorise a payment or data transfer. It carries no malware, so traditional filters miss it — it exploits trust, not technology. Overall IC3-reported cybercrime losses increased 33% from 2023 (FBI IC3 2024 report). AMVIA adds behavioural detection that flags impersonation by sender patterns.
Yes. Without all three, anyone can send email that displays your company name and domain as the sender. They are foundational protection against spoofing and impersonation and support common compliance expectations. AMVIA configures them in monitoring mode first, then moves to enforcement once every legitimate sender is verified, so no real mail is blocked.
Yes — sending staff realistic but fake phishing emails and training those who click measurably lowers susceptibility over time. Independent research points to large reductions across a year of regular campaigns. AMVIA runs quarterly simulations and reports click rates by department so managers can target training where it is needed.
Most engagements start with a free security audit of your current DMARC, filtering and licence position, then a phased rollout. Authentication records and Defender tuning typically go live within days; DMARC moves to full enforcement once monitoring reports confirm every legitimate sender, usually within a few weeks.
AMVIA holds Cyber Essentials Plus and is a Microsoft Solutions Partner — Modern Work, Security & Azure Infrastructure. Our security stack is built on Microsoft Defender and the Barracuda email and network suite, monitored by an in-house 24/7 SOC. One provider, security-first, Microsoft-certified.
One Phishing Email Could Cost You £125,000 — Check Your Defences Now
Get a free email security assessment — we will check your DMARC configuration, review your filtering policies, and identify gaps in your protection. Takes less than 2 minutes. No commitment.
Related Resources
Microsoft 365 Security
Full M365 security management including Defender for Office 365 configuration.
Managed Cybersecurity
End-to-end managed security covering endpoints, email, network, and SOC monitoring.
Endpoint Security
Protect your devices from malware delivered via email attachments.
Cybersecurity for Law Firms
Email security and compliance for SRA-regulated law firms.
How to Protect Your Business from Phishing Attacks
In-depth explainer on how to protect your business from phishing attacks for UK businesses. Key concepts, best practices, and practical…
Microsoft Exchange Online Protection Explained
In-depth explainer on microsoft exchange online protection explained for UK businesses. Key concepts, best practices, and practical…
Email Archiving and Compliance for UK Businesses
Explore AMVIA's Email Archiving and Compliance for UK Businesses — professional IT solutions designed for UK businesses seeking…
85% of breaches start with email → Get My Free Email Security Audit