Case Study: StepStone slashes spear‑phishing by 75% and builds a human firewall with Mimecast

10 Million emails a month, 75% of which are spam

StepStone, a global job-site group operating in 21 countries, was receiving nearly 10 million emails a month—about 70–75% of which were unwanted—and facing hundreds of sophisticated, targeted phishing and impersonation attempts. With more than 140 different email domains and many customers who run small, potentially vulnerable domains, a narrowly avoided, high‑risk impersonation made clear that the existing defenses were insufficient.

StepStone implemented Mimecast’s combined email security (anti-phishing, anti-impersonation, anti-spam), IP/domain blacklisting and a Gold‑level implementation service; the phased rollout (partial use by March, complete by May) cut reported spear‑phishing incidents from 10.2 to 2.5 per month in environments covering 70% of the group and reduced eDiscovery search times to 1–2 seconds. They also added Mimecast Awareness Training with randomized tests to build a stronger “human firewall,” improving employee recognition of threats.

StepStone

Serge Groven

Corporate IT Manager