In 2018, the email service is the most popular target for hackers, so it’s crucial that enterprises and individuals take the necessary measures to secure their email accounts against common attacks as well as attempts of unauthorized access to email accounts or other means of communication.
Malware sent via email messages can be devastating
Phishing emails sent to employees often contain malware within attachments designed to look like legitimate documents or include hyperlinks that lead to infected websites. As you probably know, opening an email attachment or clicking a link in an email is enough to get hacked.
Phishing emails can also be used to trick recipients into sharing sensitive information
Usually, the attackers seem to be legitimate – trusted contacts. Phishing attacks against businesses often target departments that handle sensitive personal or financial information. In addition to impersonating known vendors or company executives, attackers, within their phishing emails, will try to instill a sense of urgency to put pressure on their targets and … unfortunately, this increases their success rate.
Phishing emails that are sent to steal relevant information typically require recipients to confirm their login information, passwords, social security number, bank account numbers, and even credit card information. Some of them even link to counterfeit (mirror) websites that look exactly like that of a reputable vendor or business partner to trap victims into entering personal or business-related information.
FYI – a recent Clutch study reveals that 46% of entry-level employees don’t know whether their company has a cybersecurity policy. There are multiple ways to secure your email accounts, but for enterprises, it’s a complementary approach involving employee education and relevant cybersecurity protocols (SSL, TLS etc.).
Best practices for email security include:
- Ongoing security education for employees, related to email security, risks and how to avoid falling victim to phishing attacks.
- Make sure your employees use strong passwords and change passwords regularly.
Use anti-spam solutions.
- Utilize email encryption software to protect both email content and attachments.
- Implement BYOD security policies, in case your organization allows employees to access business email from personal devices.
- Ensure that webmail applications utilize secure logins and encryption protocols.
- Implement security tools to scan messages and block emails containing malicious files before they reach their targets and use TLS – transport layer security protocols that provide communications security over a computer network.
- Implement a data protection solution to identify sensitive data and prevent it from being lost via email.
End users email security best practices:
There are also several other best practices that end users and employees should follow to secure their emails. Your employees must know how to avoid security incidents, but also how to reduce risks associated with email service.
Email security best practices for end users and employees include:
1. Never open attachments or click on links in email messages from unknown senders.
2. Change passwords often and use best practices for creating strong passwords.
3. Never share passwords with anyone, including fellow workers.
4. Try to send as little sensitive information as possible through email, and in case it is imperative to disclose such information, send the required information only to valid recipients, the ones you are familiar with.
5. Use anti-spam and anti-virus software.
6. When working remotely or on a personal device, use VPN software to access your business email.
7. Avoid accessing company email from public wi-fi connections.
Eventually, educating employees on cybersecurity and implementing the proper security solutions to protect email, companies can reduce risks that come with email usage and prevent malware infections or data loss through email.
At ComputerSupport.com, we take cybersecurity very seriously. With Secure.Email we provide a comprehensive email protection and continuity product that helps defend against the latest threats, from ransomware, spear-fishing, impersonation and other targeted attacks.