Email Security: Tips on how to keep safe

Email Security: Tips on how to keep safe

Email is the open door through which nearly all vital business communication flows and where virtually all cyberattacks begin. Email security must protect businesses against the email attacks criminals have honed.?

Email Security is the practice of protecting email accounts and communications from unauthorised access, loss, or compromise. Today we’re going to help you keep safe and how to identify simple, yet effective, spam email threats.?

First, we need to understand the different methods of email threats.?

  • Phishing: ‘Phishing’ is when criminals use scam emails, text messages or phone calls to trick their victims. The aim is often to make you visit a website, which may download a virus, or steal important information like credit card or other personal information.?

  • Malware: Emails can carry malware directly in their attachments or point recipients to malicious sites that deliver malware.??
  • Spam: Spam is unsolicited emails sent out in massive blasts. While modern spam filters and email providers catch and block most spam emails, it is possible that one might slip through and deliver malicious content.?

As of June 2023, the number of reports received by the NCSC stands at more than 21m reported scams. Which has resulted in 133k scams being removed across 242k websites1.?

How to spot a suspicious email?

Modern engineered emails often evade detection of spam filters due to their sophistication. They are configured to bypass the standard security methods, such as Sender Policy Framework (SPF) and SMTP controls and are rarely sent in bulk from blacklisted IP addresses to avoid being detected.?

  • Emails demanding urgent action?

Emails threating a negative consequence, or loss of opportunity unless urgent action is taken, are often phishing emails. Attackers often use this approach to rush recipients into action before they have had the opportunity to study the email.?

  • Emails with bad grammar and spelling mistakes?

Another way to spot phishing emails is bad grammar and spelling mistakes. Many companies apply spell-checking tools to outgoing emails by default to ensure their emails are grammatically correct. Those who use browser-based email clients, like Outlook and Google Mail, apply autocorrect or highlight features.?

  • Emails with an unfamiliar greeting?

Emails exchanged between work colleagues, or people you have a long-standing professional relationship with, usually have an informal salutation. Those that start “Dear” or contain phrases not normally used in informal conversation, should raise suspicion.?

  • Inconsistencies in email addresses, links or domain names?

Another way to spot phishing is by finding inconsistences in email addresses, links and domain names. Does the email originate from an organisation that you correspond with often? If so, check the senders address against previous emails.??

  • Suspicious attachments?

Most work-related file sharing now takes place via collaboration tools such as SharePoint, OneDrive, or Dropbox. Therefore, internal emails with attachments should always be treated suspiciously – especially if they have an unfamiliar extension or one commonly associated with malware (.zip, .exe, .scr, etc.)?

  • Emails requesting login credentials or payment information?

Emails originating from an unexpected or unfamiliar sender that requests login credentials or payment information should always be treated with caution. Spear phishers can forge login payments to look similar to the real thing, like Microsoft 365, that directs to a fake page.??

When it comes to email security, if you see something... say something!?

Very much like the age old saying around day-to-day safety in public, the same approach should be applied to your email security practice as well. Conditioning yourself and your employees on how to spot and report emails – even when opened – should be a companywide exercise.??

“If you see something, say something” should be a permanent rule, and it is essential that employees have a supportive process for reporting emails that they have identified or opened. That’s how we can help.??

How can Welcomm help??

We partner with the likes of Microsoft, Barracuda and Mimecast to provide tailor made, industry appropriate email security solutions to help you, your users, and your business stay secure when it comes to your email flow.?

Utilising best-in-class email security to protect against all email attacks, from phishing and ransomware to business email compromise and payment fraud. Work with us to implement and defend against the most sophisticated attacks with AI-powered detection.??

Over 90% of security breaches can be linked back to some form of human error, often in reaction to an email.

Working with Welcomm and our partners like Mimecast, you can help employees make fewer mistakes. Complement your email security solution with security awareness training designed to educate by entertaining, motivating and becoming unforgettable.?

Next Steps? Book an IT Consultation for Email Security?today!

要查看或添加评论,请登录

社区洞察

其他会员也浏览了