advisory
LBV hub
IT and technology
In this technical glimpse, we take a look at the many email security threats businesses face and what businesses can do to mitigate them, along with the help available to combat these threats effectively.
Email accounts for most security breaches
Prioritizing email security is important as most cybersecurity breaches involve email, with social engineering being a heavily preferred tactic by cyber criminals and 99 percent of email attacks relying on victims to click links (Proofpoint Annual Human Factor Report).
Types of email-based attacks
The many different types of email attack threats faced by organizations include targeted phishing schemes, business email compromise, and ransomware attacks. For example:
Ransomware
Check Points’ mid-August security report this year showed that ransomware (extortion) attacks have increased dramatically over the past year, with 93 percent more attacks carried out in the first half of 2021 and ransomware now in 10 percent. shows up percent of violations (Verizon).
Phishing
This cheap, simple, and highly effective tactic uses emails purportedly from legitimate sources that contain links that redirect the victim (when clicked) to pages where payment and other personal information is stolen or malware is downloaded. At the end of 2019, for example, Thomas Cook customers fell victim to phishing attacks in the course of the travel company’s bankruptcy. Verizon’s Data Breach Investigations Report 2021 shows that from August 2020 to August 2021, phishing increased 11 percent and that phishing occurred in 36 percent of security breaches. The National Cyber Security Center offers advice on protecting your company / organization from phishing attacks here: https://www.ncsc.gov.uk/guidance/phishing.
Malware
Malware attachments to emails: It is estimated that a company is attacked by a ransomware attack every 11 seconds (Kaspersky). Between 2019 and 2020, ransomware attacks increased by 62 percent. Malware is now involved in over 70 percent of system penetration (Verizon). Common forms of malware are viruses, worms, Trojans, spyware, adware, and ransomware. Remote Access Trojans (RATs), for example, are malicious programs that arrive as email attachments that provide a “back door” to administrative control of the target computer and that can be customized to avoid detection and other types of attack tactics including disabling anti-malware solutions and enabling man-in-the-middle attacks.
BEC and VEC
While Business Email Compromise (BEC) attacks have been successful at using email fraud in combination with social engineering to trick one employee into sequentially scooping money from a targeted organization, security experts say this type of attack is effective evolved to a large number major threat from ‘VEC’ (Vendor Email Compromise). This is a larger and more sophisticated version that, with email as a key component, tries to exploit companies against their own suppliers.
AI-based threats
Many technology and security experts agree that AI is likely to be used in cyberattacks in the near future and its ability to learn and try again and again to achieve its goal (e.g. in the form of malware) turns it off a formidable threat. Email is the most likely means by which malware can reach and attack networks and systems. As a result, there has never been a better time to up your email security, educate staff about malicious email threats, and how to identify and deal with them. Adding AI to the mix can make malicious emails more difficult to detect. The good news for businesses, however, is that AI and machine learning are already in some antivirus programs (ex.
Protect your email from common threats
Ways to protect your email from common security threats include:
- Always keep antivirus and patches up to date.
- Training and further education of staff; eg how to identify suspicious emails and what to do / what not to do, such as not to click on links from unknown sources.
- Disable HTML emails if possible (only text emails cannot launch malware directly).
- Encrypt sensitive data and communication as an additional layer of protection.
- Start the routine of checking your bank account activity for suspicious charges.
- Ensure critical and sensitive corporate data is backed up and incorporate business email tradeoffs (BEC) into business continuity and disaster recovery planning.
- Prevent email archives from being made public; for example, by ensuring that archive storage drives are configured correctly.
- Monitoring for disclosed credentials (especially those from finance department emails).
- Use two-factor authentication (2FA) whenever possible, and corporate users may want to block .html and .htm attachments at the email gateway level so they can’t reach employees, some of whom may not be at the Your internet security knowledge is state of the art.
- Do not use the same password for multiple platforms and websites (password sharing). This is because in an attack, stolen credentials are likely to be tried (credential stuffing) on many other websites by other cybercriminals who bought / acquired them (e.g. on the dark web).
Broad methods and new approaches to email security
Other more comprehensive methods organizations can use to protect their email security include:
- Introducing a “zero trust” approach, “never trust, always check”, to corporate cybersecurity. The control that administrators have, as well as monitoring and alerting, can help to dramatically reduce risks, including corporate email.
- Transition from perimeter to penetrative email security, such as B. suggested by Mimecast CEO Peter Bauer. This includes dealing with threats to the perimeter, from within the perimeter and from outside the perimeter, as well as an API-led approach to provide end-to-end security in all zones.
Help from the technology company
Ways technology companies offer to help businesses and organizations protect their email include:
Microsoft
Outlook Junk E-mail Filter and Message Reporting Add-in for Outlook.
- Office 365’s Advanced Threat Protection (ATP) plans.
- Secure Score for Office 365 / Microsoft 365 Defender Portal – a way to measure and receive suggestions for protecting your company from threats via a central dashboard – learn more here: Microsoft Secure Score | Microsoft Docs
- The Campaign Views tool in Office 365, which provides better protection against phishing attacks by allowing organizations to see the pattern of a phishing campaign in individual messages.
- Provide online advice about protecting Outlook email accounts – see Help protecting your Outlook.com email account (microsoft.com).
- Microsoft is making its Plus Addressing (one-way) custom email feature available to all Office 365 users by adding them to Exchange Online.
Google also offers a number of tools and suggestions, including:
What does this mean for your company?
With so many types of attacks relying on email as a gateway (e.g. phishing), effective email security is critical.
Businesses and organizations need to ensure that they are not only prepared to defend themselves effectively against the full range of email attacks, but also that they are able to identify and remediate threats immediately and ensure that employees are E – Know about email threats and what to do when faced with suspicious emails and links.
In addition, attackers adapt their campaigns and methods very quickly and use methods that can circumvent more common protection solutions (ie “polymorphic” attacks) that, in addition to known vectors, can effectively focus on zero-day and targeted attacks.
With the threat of AI-based attacks on the horizon, it has never been more important for organizations to consider what else they can do to maximize their email security.
about us
The J700 Group is a Lancashire-based, family-run, professional and responsive managed solutions provider supporting businesses, the education and healthcare sectors in using innovative IT consulting services, cloud solutions, cybersecurity, Microsoft 365, telecommunications and web design, and SEO -Solutions to take your organization to the next level and beyond.
As an experienced IT support provider to assist businesses in Lancashire and Manchester when they need assistance with their IT, including IT hardware, a disaster recovery policy, or managed backup solutions; Call us today: 0333 7721 700 to find out how we can help your business.
Where to find us: Prinny Mill Business Center, 68 Blackburn Road, Haslingden, Lancashire, BB4 5HL
