Tag Archives: Email Security

How to prevent phishing attacks

In 2018, phishing attacks are still thriving and relevant. Phishing is a fraudulent action of sending a deceptive email in order to get end users to reveal personal information. No matter how big or small your company is – attackers masquerade as a respectable entity that will trick employees into trusting the sources. So what are some ways to prevent phishing attacks within your organization?

Stay in the know

New phishing techniques are being adopted continually, it’s important to keep employees in the know of the latest scams. Staying up to date on email scams will reduce the chance of employees falling victim to phishing. Furthermore, employers and employees should take the time to meet with cyber security professionals to learn of the latest ways to keep their inbox secure and best practices when opening emails.

Think before you click

When an employee receives an email from a trusted site or trusted source, its much less likely to be a malicious email. It’s common to receive emails from a reputable companies on the daily basis, this is why phishing is so common. Scammers disguise emails as reputable companies to increase their chances of getting the end user to click.

End users should hover their cursor over a link prior to clicking, the actual link address will show up at the bottom of the page. It’s important to make this a habit among employees, reading the link will allow for the site identification. When in doubt, go directly to the source rather than clicking an unverified link.

Education is key

The biggest step an employer could take to prevent employees from exposing themselves to a phishing attack: education. As a general rule, no personal or financial information should be shared over the internet. Users should never input sensitive information into links they clicked on over email. No email sent or received should have sensitive information. All websites visited should https:// and link checking should become habit.

As malicious email behavior continues, it is crucial for businesses of all sizes to educate themselves on the latest in cybersecurity. To learn more about CompuOne’s cybersecurity training, contact us today.

Is Your Email Secure?

In this day and age, one of the most commonly used forms of communication is email.  We use it at home, on our mobile devices, and in our workplace. This leads us to the question, what are workplaces doing to keep their email system secure from attacks? According to PhishMe, 91 percent of cyber-attacks start with an email. Email-based attacks come in various ways:

  • Phishing: Attempt to obtain personal information such as passwords and credit card details.
  • Spear Phishing: Personal and highly customized phishing attacks. This is a type of phishing that usually will come from a trusted source and seem legitimate. Spear phishing is highly personalized, attackers usually have done research on the victim.
  • Malware: Malicious software in the form of attachments, links, and drive-by downloads. Malware is usually delivered by spam emails. Spam emails can appear to be sent by legitimate sources, which then increases the chance of download.

Email security solutions

Undoubtedly, organizations must provide protection for their employee’s email communication. Determining the best solution for email security varies from business to business, you should carefully consider what will protect your email communications from attacks.

  1. Endpoint Security: Endpoint security is the process of securing various endpoints in a network, mostly end-user devices such as smartphones, desktops, laptops and tablets. Endpoint security systems can either be a software application or hardware that allows the system admin to manage and discover any devices trying to connect to the network. This will prevent from malware downloaded on the network, but will not prevent from phishing.
  2. Anti-Spam: Anti-spam is software, hardware, or even a process that combats spam by filtration. It is key to realize that not one anti-spam method is perfect, end users should be encouraged to be careful about providing corporate email address information. Anti-spamware can be installed to strengthen the security level of your businesses email provider by conducting screening prior to delivery.
  3. Secure Email Gateways: Secure email gateways come in many forms: public cloud-based, hybrid cloud based, hardware, virtual appliance, and email server based. Secure email gateways monitor emails being sent to a company and prevent unwanted content from being delivered. Secure email gateways prevent from malware, phishing, and spear phishing.
  4. Email Security Training: Human error is considered the biggest risk in email security. End users can click on malicious links, fail to keep their security solutions up to date, and divulge confidential information about the company. Training employees on cybersecurity and email best practices is crucial in preventing unwanted content and unauthorized users.

Email security takeaway

Email security approaches differ from organization to organization, not one single approach will work for all businesses. Every business has risks, issues, budget restrictions, and current security solutions to consider. With that said, a strong well-implemented system should have multiple solutions to cover every end of the organizations network. Businesses should also set up a reporting system, where employees are able to report all suspicious emails in a convenient way.

No email security system is completely secure, but implementing the right solutions can maximize efficiency and minimize risk.

 


Learn more on email security by contacting us.