Due to wide range of users, email had emerged as one of the preferred method to intrude Local area networks and end users. In this paper we examine the characteristics of various email security threats and the technology used by attackers. In order to counter defense technology, attackers change their mode of operation frequently. The continuous evaluation of attacker's pattern will help the industry to combat attacks effectively. In our study, we collected several thousand spam from a corporate server for a period of 12 months from Jan 2012 to Jan 2013. From the collected data, we identified various types of security threats through email and the attacker's mode of operation. We believe that this study will help to develop more efficient and secure methodologies against security threats through email.