Email Security For Your Business

Did you know that email is one of the top ways that criminals use to exploit businesses? You can’t take this topic lightly in your business. When it comes to email-borne threats there are ways to reduce the likelihood and prevent most issues rather than spending time (and money!) cleaning up after an attack.

Here are the top threats coming into your inbox that you need to be aware of:

Email Viruses

*Macro virus: this is a virus that is written in macro language that is used by other software programs. Most often seen in Microsoft Word and Excel macros. This virus is spread through phishing emails containing attachments with malicious content which will them compromise the macros.

*Spambot programs: this is a virus that has been designed by cybercriminals for harvesting email addresses in order to build email lists for sending spam. This a way that the cybercriminals can collect email addresses and then use them to send email viruses.

*Email spam: a term that you may have heard before and it’s just that. These are unwanted emails that can spread malware via links or attachments that lead to malicious websites where the cybercriminal can steal your information.

*Virus hoax email messages: another term that is common. This is when emails contain a false warning about a threat that does not exist to trick the individual into clicking on the email or responding to which contains a virus. A lot of times the cybercriminals threaten the person to take some type of action which can also include forwarding the warning to others which can be a widespread virus.

Phishing

Business Email Compromise

This type of email attack is one that has become popular these days which is where cybercriminals are attacking employees directly. What happens is cybercriminals will create email accounts that look almost identical to the actual company and send emails to impersonate the CEO or other executives to trick accounting or human resources to transfer funds or send out confidential information.

Cyber BEC (business email compromise) scams are not going anywhere either unfortunately either. A statistic that was alarming that I found stated that between October 2013 and May 2019, more than $12 billion in domestic and international losses were attributed by the FBI to business email compromise scams (Symantec 2019).

Personal Emails

Like using social media, leveraging an executive’s personal email account is commonly used as a way to gather information or to use as a more convincing business email compromise threat.

Solutions

As you can see there are many types of email threats that can affect your business so you may be wondering what are the solutions? In order to properly inform you of all the email risks and security practices, I have to include some solutions to prevent these types of cyberattacks.

Top 3 Email Solutions are:

Spam Filtering

This is one of the main ways of applying a filtering system to your emails. There are many sets of protocols that are put in place to determine which of the incoming emails are spam and which are not. Some of the filters include content filters, header filters, rules-based filters, and permission filters.

Spam filtering is very helpful and can prevent many spam emails that have infected email attachments that can have viruses to reach your inbox. This type of filtering is an extra layer of protection for your inbox essentially.

User and Awareness Training/Testing

Certain training is necessary so that employees are familiar with what phishing emails look like and other things to look for in case of a potential threat. Training can be in forms of test emails (where they do not know that it’s a test), live training, training videos, and procedures.

Crowdsourced Anti-Phishing

Resources: