Email is a vital part of business communication – now so more than ever. A growing amount of confidential information is being sent through email as more and more businesses take their operations to the home. However, this growth in remote working traffic spells trouble. Cyber security threats have increased from ransomware attacks trying to steal confidential information to email scams designed to exploit vulnerabilities.
At Exclaimer, we believe email cyber security is a top priority and not something to be left down to employees or considered an afterthought. With that said, what can email recipients and senders do to protect themselves? These are our tips and tricks to guard against cyber security threats and point you in the right direction…
Combatting phishing and malware
As an employee or business owner, you should be asking yourself if you would be able to detect a phishing email or malware attack? If the answer is no, getting a better understanding of email security can help prevent a breach.
Phishing emails are a cyber attacker’s attempt to get you to hand over sensitive information and personal data. The email message is usually characterized by four tell-tale signs.
Check the contact name and email address of the sender, too. With these emails threats, you’ll often find misspellings in the sender’s domain name and an address that doesn’t match.
Email cyber security attacks – like phishing attacks and malicious emails – are designed to create panic. If the messaging is telling you to do something right now – either by its wording or the threat of fines – this is an immediate red flag.
Keep an eye out for emails with an attached zip or ‘.exe’ file; these can also be harbouring some nasty surprises.
If you’re suspicious, just slow down and take your time looking at it. More often than not, you’ll get that ‘a-ha’ moment as one of these signs reveal themselves when looking with fresh eyes. And if you’re still worried, chat with your IT manager who will be an expert in email cyber security.
Spam, spam, spam…
Half of all emails are from spam senders and with billions of emails being sent daily, they can become a dangerous nuisance.
There’s not only the chance of malware finding its way into your inbox; an overload of spam can gum up the works, causing networks and servers to slow or crash. This will cost you time and money fixing a problem that could be easily avoided.
Bolster your email cyber security by checking your spam filter and toggling settings to redirect any questionable emails into a different folder.
Filters can’t stop everything, so you should become familiar with the signs of a suspicious email to make sure you aren’t caught out.
Whatever you do, don’t reply. Responding to these messages shows those orchestrating email cyber security attacks that your email account is still active.
Get some extra assistance in dealing with spam by making sure you have multiple layers of anti-virus security. Having the watchful eye of different anti-virus systems increases the likelihood of any nasty new malware, embedded within spam emails, being quickly detected and wiped.
Keep it legal
It happens to the best of us – attaching the wrong file in an email or sending to the wrong person. However, if you’re not prepared, it can have some serious legal implications.
Email cyber threats aren’t relegated to just stopping malware – they can be internal too. For example, not having a compliant email disclaimer in your signature can leave you in hot water – as discovered by an online vendor in England whose automated signature cost him £25,000 when it was considered to be ‘legally binding’.
Avoid this by removing any contract terminology in your disclaimer. Remove any terms that could be seen to be a legal agreement. It's also recommended that you let people know any views expressed in the email do not reflect those of the company.
Emails should also include relevant copyright and confidentiality statements for peace of mind. Countries/regions such as the United States and the European Union (EU) have their own set of email disclaimer laws. Brushing up on these can really help international businesses avoid getting caught out.
Follow the basic rules of effective email signature design too. Include only the necessary contact details along with a small, yet recognizable color palette. Avoid sending emails with private social media accounts, personal phone numbers, and addresses as these could attract some unwanted attention.
A centralized email signature management solution makes it simple for businesses to manage all employee email disclaimers, keeping them consistent even while your team is working remotely.
First line of defense
You can have the right security solution in place, but it won’t make a difference if your team isn’t clued-up on how to spot and stop an email cyber security threat in its tracks.
With over 30 percent of phishing emails making it past default security software, those on the frontline need to know how to protect against an email cyber security attack.
Create an effective ‘human firewall’ by organizing awareness training or an educational seminar from an email cyber security expert, to boost your team’s knowledge and confidence in detecting threats.
Try tailoring your training specifically to your company’s needs to keep everything relevant and streamlined. For example, small businesses relying heavily on email communication should prioritize training for avoiding phishing scams and malware, and spotting fraudulent content in real-time.
The modern move to remote working has seen a rise in ‘Bring Your Own Device’ (BYOD) policies. This brings many new cyber security challenges for businesses.
Teams are now trusted to set up their own kit correctly. However, it’s difficult for businesses and IT managers to stay on top of all outgoing emails.
This works both ways though. Employees often worry about logging into work apps on the same devices they use for their entertainment. They also don't want their company to cause personal data loss through its security protocols.
To get around these issues, introduce Mobile Device Management (MDM) software on personal devices. This lets businesses control the range of tech used by its people. MDM systems keep company information in one secure place, separate from personal apps. This means employees can use their devices for personal and business use, without mixing the two or compromising cloud security.
In addition, make sure basic email security software is installed on all devices. Password-protected files, firewalls, and anti-virus software are a must for any devices used to access company files.