New malicious email campaigns are being launched every day are you fully protected?
Spam emails, we all get them and most are captured by our built-in spam protection (normally part of our Anti-Virus solution or email provider) placing them in to our JUNK folders for us, but some get through, what can you do to stop this for you and your team?
Spam protection works by filtering the email with certain properties i.e. words in the subject, from a known spam email address, IP or domain. Words in the content, the number of addresses in the To;, cc; etc. -lots of different ways and variations to which ever provider you use.
Some spam solutions can be configured and restrictions increased however there is a balance to achieve so non-junk/spam emails still get through as you may miss that vital email. You may find it easy to spot spam emails or know the techniques to check them out by running the mouse over the hyperlink which says one address but actually opens another one. You may also know that you aren’t expecting an invoice for payment from the address you received. So, you may feel confident that any spam emails that get through the filter you can deal with -great!
Can you be 100% confident and put your whole business on the line and say every member of your team is as precautious as you and won’t fall for a spam email?
What happens if they receive an email from you with a slight variation to your domain red-fusion.co instead of red-fusion.co.uk with a malicious link in it -will they click on the link or open the attachment? Or one of your customers or suppliers whose emails have been hacked and the hackers have sent emails out from their email address to your team asking them to open a Dropbox file?
It does happen and more and more often.
It’s a worrying thought that the business you have worked so hard to build up could be compromised by one spam email that’s got through the filter and been opened and actioned!
So, what can you do?
The first thing is to make your team aware and make sure new team members are briefed on day one. There are some great scam email examples pictures online to use for this.
Review your current Spam protection facility within your Anti-Virus solution or email provider, can you configure it yourself? Is it up to date, what filter techniques does it use?
Then look at added protection, another layer, there are some really good solutions out there that scans every email that comes through and looks at the hyperlinks and attachments for malicious content in real time. If you are an Office 365 business user then Microsoft provide an Advanced Threat Protection subscription for as little as £1.50 per month.
ATP (Advanced Threat Protection) scans every email as it appears in your inbox and goes through a real time behavioural malware analysis that uses machine learning techniques to evaluate the content of the attachment for suspicious activity. Unsafe attachments are quarantined and the email can still arrive in the users inbox without the attachment or the whole email and attachment placed in quarantine or deleted. If the email contains a link to a website, ATP scans the link in real time and rewrites the link sending the user to an Office 365 page, warning them not to continue.
Here is an example of how it works:
Email recieved in my inbox.
I straight away clicked on the link "Get More Free Space" not thinking!...
Luckily with ATP in place I am re-directed to..
"Phew!, saved from a possible disaster!"
If you want to know more or find out if ATP can work for you -get in touch.
If you are not an Office 365 Business user, don't worry we have other great solutions that work in the same way!
Thanks for reading -Phil Saville