What is the best strategy for businesses to protect against ransomware, spam phishing and spoofing attacks? There are many strategies for safeguarding against these threats. By far the most effective is user awareness and education. For malware and ransomware to infect successfully it needs some kind of user interaction.
Your users are human firewalls, the last defence of your organization. Cyber attacks are still able to breach companies from time to time despite elaborate multilayer security architectures. This is especially true when it comes to email. Email security is essential for all organizations today, as it’s the most popular method for hackers to deploy malicious code. According to IBM’s X-Force researchers, more than half of all email is spam. We see our spam filtering service SpamTitan blocking over 70% of email as spam.
Considering that there is somewhere in the neighbourhood of 300 billion emails sent every day, one can begin to understand the overwhelming task undertaken by email security companies. Considering the vast amount of spam out there, an email security solution that cannot reliably claim a spam catch rate of at least 99% should not be an option today. Because email continues to be the primary communicative medium for business you also need a solution with a false positive rate at or near zero.
The majority of spam is harmless other than being a drain on productivity, the task of sorting through unsolicited email that comes through or clicking advertising links. Only a small percentage of spam actually contains malicious code. According to Symantec, one in nine email users encountered email malware in the first half of 2017. Users are twice as likely to encounter malware through email as any other delivery method.
Part of this is due to the innovation of malware creators. According to Kaspersky Lab, their labs processed an astounding 360,000 new malicious files on a daily basis in 2017. That was up 11.5% over the previous year. This is why it is so important to choose an email security solution with integrated anti-virus protection. It’s no longer just blocking spam. Your solution must also block viruses, malware and links to malicious websites.
Another reason why users continue to be exposed to email malware is the growing sophistication of phishing attacks. According to an article in TechRepublic, 90% of phishing emails captured from March to November 2016 contain spear-phishing components designed to impersonate a person. These types of attacks strive to mimic an internal email, middle manager, senior executive or trusted source in order to trick a user into giving up financial information or confidential data. Impersonation or spoofing attacks have experienced a 50% quarter-over-quarter increase in 2017. They are currently the fastest growing form of email-based cyberattack.
If one out of nine of your users will be exposed to malware-laced email despite the presence of an email filter, then it is imperative to create an email watch program within your organization. While security vigilance will never replace a filtering system due to the colossal numbers of email attacks, a security-minded workforce could serve as the last line of defence that can protect your enterprise. One of the first steps to take is to create new policies that limit scam avenues.
Every organization needs to provide a minimum level of training for their users to help them identify phishing attacks. Some of the signs they need to be able to identify are as follows:
Security awareness training and phishing email simulations can reduce susceptibility to email-based cyber attacks by up to 95% according to several anti-phishing training firms, while a spam filter such as SpamTitan can ensure that employees are not tested. SpamTitan blocks more than 99.9% of spam emails, ensuring ransomware and other malware-laced emails are quarantined so they can cause no harm. Train your users to be sceptical of any email with embedded links or requests information that could be of value to someone. A healthy level of scepticism can be the saving grace that saves your company from a devastating attack.
Sign-up for email updates...