

























AI agents are now reading and writing emails before humans ever see them. What was once a human-centric communication channel is quickly becoming an AI-driven workflow, and that shift introduces a new and largely unprotected attack surface.
Much of the industry’s recent attention has centered on EchoLeak, a vulnerability demonstrated in Microsoft Copilot. Researchers showed that a carefully crafted email could influence Copilot’s behavior and potentially expose sensitive information without the user clicking a link, opening an attachment, or taking any action at all.
The importance of EchoLeak was not that it revealed a flaw in a specific product. It showed a fundamentally new attack model. Attackers no longer need to deceive users if they can manipulate the AI acting on their behalf. While individual vulnerabilities can be patched, the broader implication is more significant. Attackers have already recognized a critical shift: AI systems themselves have become valuable targets. Malicious content can be injected into emails to manipulate how an agent summarizes, prioritizes, or even responds on behalf of an employee.
Traditional email security has focused on stopping threats after delivery. Vendors have promoted this model as a reliable way to catch what slips through. But in an agentic environment, post-delivery controls are too late. AI agents can process and act on an email instantly, meaning the impact occurs before any human review.
Email Agent Hijacking (EAH) represents this new reality. EAH occurs when attackers embed instructions within emails, signatures, attachments, or other content specifically designed to influence how AI systems interpret information, make decisions, or trigger actions.
Rather than targeting the user, the attacker targets the AI agent consuming the content. It shifts the focus from protecting users to protecting AI systems themselves. Reader agents must be shielded from malicious inputs, and writer agents need a validation layer to ensure their outputs are safe, accurate, and aligned with corporate policy.
This is where innovation is critical. Check Point is the first company to address EAH by securing both the content AI agents consume and the content they generate. This protection prevents inbound email content from influencing AI behavior and validates AI-generated outputs before they are delivered, helping organizations reduce risk across the entire communication lifecycle. Check Point’s approach enables businesses to adopt agentic workflows with confidence while maintaining security, accuracy, and trust.
EAH represents a fundamental evolution in email threats and a clear signal that security strategies must evolve alongside AI. As agentic technologies become embedded throughout business communications, organizations need safeguards that protect not only users, but also the AI systems that consume and generate email content.
To learn more about this emerging threat category, join Check Point’s webinar, Why Email Agent Hijacking Marks the End of Post-Delivery Email Security, on Wednesday, July 22. The session will explore how email attacks have evolved in the age of AI, why traditional post-delivery approaches fall short, and what organizations can do to protect AI agents from malicious inputs while ensuring AI-generated communications remain trustworthy.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。