Improve productivity with advanced graymail filtering

Egress | 30th Nov 2023

Graymail is a nuisance. While the emails are technically solicited, graymail has long been seen to hinder organizations' productivity by distracting employees from messages that matter.

When we published the Phishing Threat Trends Report in October 2023, we wanted to look at cybersecurity in a more holistic way and one of the recurring themes that came up in our research was graymail and the effect it can have on productivity levels within a business.

Here are some key takeaways from the report, analysis of the greater consequences for productivity, and insight into a brand-new feature that Egress Defend now offers to fight back against the influx of graymail seen by business employees.

Graymail clutters mailboxes and distracts employees

With busier mailboxes comes a higher likelihood of losing an important email. While graymail is not malicious in the same way as phishing, the volume that users receive can often cause issues. According to Mail Manager, 56% of the participants in their research study said they have been unable to locate specific documents and files, which has hindered their ability to do their jobs efficiently.

Our analysts determined that on average, graymail makes up 34% of an employee’s inbox. The volume of graymail received increases with the seniority of the recipient – executives' mail flow is 54% graymail, on average. Of the graymail received, only 3% of it is opened.

Time wasted investigating graymail incorrectly reported as phishing

The administrative burden of sorting through emails incorrectly reported as phishing can be substantial.

As cybersecurity training is emphasized more in professional environments, employees are becoming more aware of phishing and the threat it poses. According to our research, graymail is 12x more likely to be reported as phish, therefore increasing the admin overhead.

Industries with the highest incoming graymail volume

It’s inevitable that industries with large email footprints will receive increased graymail volumes. According to our researchers, there are five stand-out industries that boast the highest rates of graymail.

  • Human Resources
  • Marketing
  • Legal
  • Finance
  • Education

Most popular days for graymail

In researching the Phishing Threat Trends Report, our team tracked graymail volumes according to the days they were sent. It’s likely that graymail senders follow the Monday to Friday working week while aiming to avoid the activity of the start of the week and instead trying to engage more easily distracted employees midweek and when winding down for the weekend on Friday.

Average graymail volume per day

More graymail means more phishing emails

We found a direct correlation between the volumes of graymail and phishing emails received. Cybercriminals will attempt to disguise their phishing emails in an already busy mailbox. In the last year, we’ve seen an increase in impersonation attacks mimicking graymail messages, like SharePoint reminders or notifications from social media sites like Facebook or Instagram.

How does Egress Defend help?

In a new feature release, Egress Defend now provides advanced graymail detection, automatically filtering graymail into a dedicated folder. This means employees’ mailboxes are free of clutter without anyone having to manage that process manually. By prioritizing what mail users see in their inbox first, employees are empowered to focus on work-related mail more quickly, improving productivity and reducing the frustration of sorting through unimportant mail.

As cybersecurity awareness in the workforce grows, administrators can become overwhelmed by the volume of suspected phishing emails reported to them. While a cautious approach is preferable, it is not the best use of administrators' time to investigate graymail incorrectly reported as phishing. Moving graymail out of the main inbox flow means fewer false alarms.

Defend applies a dynamic and interactive graymail banner to each email within the graymail folder and if the user clicks on that banner, they’ll be taken to a summary page where they’ll be able to report the email as a phish or to divert the email to the inbox and automatically reclassify future emails.

Within the Defend dashboard, the security team can enable or disable two user inputs. This allows businesses to refocus their employees and enable them to engage with only the emails that matter, without adding an investigative burden onto their security teams.

If an unwanted message reaches the main inbox, users can reclassify it as graymail manually.

Graymail is more than just a nuisance to users; it drains productivity and means time is wasted on mail that doesn’t matter. Businesses around the world are waking up to the problem that graymail poses and the cost of doing nothing will increase as time passes.