What was once a simple nuisance is now a major scourge of the modern era. Email attacks are more prevalent now than ever.
The Email Threats Numbers are Astonishing
According to the 2019 Data Breach Investigations Reports by Verizon:
- 32% of breaches involved Phishing;
- The median company received over 90% of their detected malware by email;
- Email remains the most common point of entry of Malware installation.
- Ransomware is predicted to cost companies $11.5 billion in 2019 alone. That number was ‘only’ $5 billion in 2017 and as low as $300 million in 2015.
And if you consider that 91% of Cyberattacks starts with a Phishing email, you understand how alarming the Email attacks can be to your organization.
However, and despite the evidence, many individuals and companies are not doing enough to protect themselves. They are not investing enough in email protection and other forms of cybercrime protection, and they are not prepared adequately to respond to most types of cyber attacks. 2018 Hiscox Cyber Readiness Report states that seven out of ten companies are not ready for this type of attack.
According to IBM’s 2018 Cost of a Data Breach study, the leading causes of most data breaches within businesses are malicious and criminal attacks. They amount to 48% of all data breaches, but 27% is due to human error and 25% due to glitches within internal systems. The same report stated that globally, the average cost of a data breach is now $3.86 million.
When you take a look at all of these compelling numbers, it becomes clear that investing time and money in email protection is vital for every company.
How to Prevent a Devastating Email Attack on Your Business
As we’ve already mentioned, a sizable percentage of all data breaches occur due to human error, which means that both you and your employees need to learn how to be vigilant.
You need to be proactive by staying up to date on all the latest news and techniques used by hackers.
Furthermore, when it comes to emails themselves, everyone in the company needs to learn to identify that an email address is legitimate (sender and intentions are clear), and to take a good look at each link or attachment they receive via email as well, or a website that looks legitime but asks you to download malware or entering your confidential information. All of that goes for those regular-looking emails from a colleague, a customer, a supplier, a partner, a bank, etc. Those kinds of emails can easily be fake. For complete safety, it’s best to avoid clicking on any money-related link from an email – if you know what it is, then you should type it yourself.
You need to create a safer digital culture in your company. By that, we mean all of the above, but you also need to train everyone not to divulge their work passwords to anyone, not even people within the company. Those same passwords need to be changed regularly and preferably using two-factor authentication.
In the end, it’s best for everyone to learn to ignore suspicious requests like account and file transfers, or those for sharing sensitive data.
When it comes to security, your company should make sure that:
- Your endpoints are protected (anti-virus and password vaults, for instance)
- Your networks are protected (a good firewall should be in place, for example)
- The inbound and outbound communications are safe (and advanced email protection software should take care of email systems).
- And you should consider filter for chat, Video, and Mobile communications as well.
With all of this email protection and more in place, you can be positive that your company will be as safe as it can be from potential email attacks and other cyber threats.
Try for free an Email Security Solution designed to prevent your business email communications from being compromised by phishing and malware.
Author: Rui Serra
With degrees in Computer Engineering and Marketing, Rui started his career managing training documentation for IT Training and consulting firms. He then joined Nokia Siemens Networks as a Documentation Specialist and Project Scrum Master before joining AnubisNetworks in 2009, where he has advanced from managing documentation to Product Manager for the growing Product Portfolio.