There are a variety of email-based attacks that you should be aware of to protect your company against. Hackers are using the full range of techniques to comprise your email security. Phishing, spear-phishing, whaling, business email compromise (BEC), CEO/CFO scamming, and employee impersonation. Most companies have few technical barriers to guard against these types of attacks.
Some believe that training and awareness is the key to this, but 2/3 of inbound phishing attacks use a company’s domain name in the from the field, making it extremely hard to detect. Training is a great place to start, but it isn’t the only option. There are couple of trends in 2019 that email security pros will be following.
1.Using Strong Passwords that are Unique
More complex the password, the more time it takes for the software to figure it out. The below suggestions are essential for a strong password.
- Use upper- and lower-case letters; Use numbers and special characters
- Use random numbers and letters rather than words
- Avoid common letter-number substitutions
- Think of phrases rather than words
2. Using Two-Tier Authentication
It is a guaranteed way to add an extra layer of protection to your emails. There is software available to help you add this extra layer of protection to provide you with email security. Even if a criminal manages to get the password to your account, it will still require a code to get into your account. Codes are usually sent via a text message.
3. Watch out for phishing emails
Hackers will use this technique to steal email and account information by tricking individuals into handing over their details. The process usually works like this:
- The hacker sends emails that contain a link to a site you know.
- The victim clicks the link and finds themselves looking at a familiar website.
- That is often their bank or something similar, but the site is fake.The victim then enters their email address and password to log into their account.
- The fake phishing site steals the email and password before passing it back to the hacker.
4. Never Open Unexpected Attachments without Scanning
As a business, you will receive emails that contain file attachments. That is not a problem when you are expecting it. On occasion, your company will receive emails from an unknown source and contain files for you to open. Don’t go straight to putting these into the trash bin, because some of these emails maybe legit from new clients or customers.
So, you need to invest in email threat protection systems to help scan your emails for malware to let you know if any emails are infected emails.
5. Keep Company Emails Address for Company Use Only
Discouraging your employees from using company communication systems to talk to friends, shop online, or do anything that does not relate to their job roles. You will limit the chances of hackers targeting your email system.
Limiting smartphone connection to office main WiFi system will help your system stay under the radar and avoid hackers.
7. Never access emails from public WiFi
Public WiFi is never secure, and there are several ways for hackers to pass through the network to gather your information. Hackers only need a simple setup to be able to do this. If you access your work email on a public WiFi network that can open the door for them to be able to come in and view your sensitive data.
If you need to access their messages outside of the office, make sure they connect to a secure WiFi.
8. Never Click the “Unsubscribe” Link in Spam Emails
If you feel like you got a phishing email, be careful clicking the unsubscribe link. If you do click it, there is a chance you will land on a phishing site that will attempt to gather your information or provide a back door into your system. Just make mark it as spam and delete.
Remember Safe Email Security Practices
Following these suggestions is just a start. Abacus Technologies can help your company put together a comprehensive plan to make sure your company is well protected. To find out more, please visit here.