VIPRE - Misaddressed Emails Are Today's Top Cyber Threat - SafeSend Catches Them Before They Happen
May 5, 2025 - Human mistakes in email communication are an invisible but massive risk which traditional security tools barely address.
In this exclusive interview with SafetyDetectives , Usman Choudhary, Chief Product and Technology Officer at VIPRE Security Group, explains why misaddressed emails are one of today's biggest cybersecurity threats, and why training employees alone isn't enough to prevent it.
He shares how VIPRE's unique solution, SafeSend, interrupts mistakes before they happen, empowering employees and reducing IT overhead.
In 2-3 sentences, why does your company exist? What's the fundamental pain point or flaw in your industry it was designed to solve?
Protecting what's most important for organizations, from families to businesses, is our biggest priority and why VIPRE is focused on providing modern, enterprise-level security solutions that excel at protecting people and productivity while also providing solutions to small businesses and individuals that have different requirements and needs than large-scale enterprises.
Supporting individuals and smaller organizations with powerful security defenses improves the security of everyone. We are always exploring approaches that will have the most impact on an organization's security, potentially plugging gaps in an organization's security defenses, including our data loss awareness application, SafeSend.
Going more into details, what makes this problem so severe in your industry that you set out to create your own solution to solve it?
Human error remains a top cause of data leaks, and one of the most risky mistakes today is the unintentional sharing of confidential information through misaddressed emails or mistaken file attachments.
In recent surveys, up to 58% of employees admitted sending emails to the wrong person.
In a typical enterprise with 5,000 employees sending about 190,000 emails daily, even a 0.05–0.1% error rate leads to 23,750 – 47,500 misaddressed emails annually.
It's hence no surprise that misaddressed emails are a leading cause of data breaches. According to the UK's Information Commissioner's Office (ICO), wrong email sends accounted for 18% of reported breaches over a three-year period, surpassing even phishing attacks.
And the risks go beyond breaches: there are regulatory violations, brand damage, and financial penalties at stake.
What kind of people or organizations are most affected by this issue, and why are they still stuck with it? What are the risks of not solving this problem?
Healthcare organizations, financial institutions, law firms, government bodies, and educational institutions are among the most vulnerable:
- Healthcare organizations manage vast amounts of personal health information (PHI). Misdirected emails from these organizations can lead to violations of privacy regulations like HIPAA, resulting in substantial fines and loss of patient trust.?
- Banks, insurance companies and other financial institutions handle sensitive financial data. A misdirected email can expose confidential client information, leading to regulatory penalties and reputational damage.?
- Law firms deal with confidential client information and legal documents. An email sent to the wrong recipient can breach attorney-client privilege and compromise legal strategies.?
- Government bodies often handle classified or sensitive information. Misdirected emails can lead to national security risks or public trust issues.?
- Educational institutions manage student records and research data. Sending information to unintended recipients can violate privacy laws and affect institutional credibility.
Many of these organizations still underestimate how often human error occurs, and rely on traditional solutions that don't truly address the root problem.
What's everyone else doing to solve this problem, and why do you think these solutions are flawed? What should they do instead?
Current approaches either react too late or overload already stressed IT teams.
Most organizations rely on user training alone. But training doesn't account for reality: employees get distracted, stressed, or rushed, and mistakes happen anyway.
It's easy, for example, to lose track of CC'd and BCC'd recipients, opening up the possibility of including the wrong recipient(s). Autocomplete does not help in these situations, as it can suggest someone the employee was not intending to email. This happens especially when the names of recipients are very similar to other contacts.
Some companies also implement DLP (Data Loss Prevention) platforms that block risky emails after they're sent. But these systems generate a flood of alerts that security teams — often understaffed — must manually review, creating bottlenecks and inefficiencies.
* What are data loss prevention DLP tools? Email Data Loss Prevention (DLP) platforms monitor email communications and access to email accounts to prevent sensitive data from being accidentally or maliciously sent outside an organization, helping to maintain regulatory compliance and protect confidentiality.
How does your solution fit into what you suggested, and how is your approach fundamentally different from what's already out there? What's the #1 thing you do that competitors CAN'T or WON'T do?
Differently from traditional DLP software, SafeSend stops employees before they send an email. It interrupts the sending process with an intuitive pop-up that forces employees to review recipients and attachments carefully before proceeding.
This simple pause reduces mistakes dramatically and relieves the burden on IT teams who would otherwise have to monitor and manage risky sends after the fact. And less work for IT teams means immediate cost savings.
Lastly, it also turns every email interaction into a mini training opportunity, building better habits over time without overwhelming employees or security teams.
Numbers speakSafeSend has now been deployed to 400+ Enterprise Customers with 500k+ users (in Stealth Mode), including large, trusted organizations and Fortune 500 companies, such as the New York Stock Exchange, Intel, KPMG, Deloitte, ADP, and more.
Safesend and all VIPRE solutions are available in Romania through Simple IT, VIPRE Partner in Romania.
About Simple IT
SIMPLE IT is a distributor for software solutions and hardware appliances, adding value with consulting, training, implementation, configuration and support services, backed by certified specialists, in order to offer the best IT experience to customers and partners. For more information, please visit www.simpleit.com.ro.