Email is not only one of the most important channels of communication in day-to-day business,
but unfortunately also one of the biggest gateways for cyber-attacks. When did email become
the weakest security link? These days we know that email can contain malicious links, but we
are not always trained to spot them, and sometimes we assume the spam filters will take care of
it for us. Email has become the weakest link, and its costing businesses hard money.
Fast, cunning and ever adaptable, cyber-criminals consistently find ways to penetrate your
security systems and get at your data.
Their best bet. Your employees.
When someone clicks, the attacker gains prolonged access to the system on average less than
two minutes after the email reaches the inbox.
Phishing attacks fall into the following categories: Credential harvesting, 41%; extortion, 8%;
malware, 51%; spear phishing, 0.4%
Unfortunately, this method has a high rate of success – in the hectic rush of day-to-day work,
the recipient opens the attachment, clicks on the links it contains or carries out instructions that
appear to come from the boss, without carefully checking the legitimacy of the message or
consulting in-house security experts. According to a worldwide survey carried out by B2B
International on behalf of Kaspersky Lab, 46% of all IT security incidents can be traced back to
such misconduct by employees.
The average employee received five phishing emails a week, and sometimes they can be very
convincing. The most successful phishing emails contain subject lines designed to scare or jolt us
into action. Phrases like ‘open enrollment’ and ‘grievance filed’ can make us believe something
needs our immediate attention, which hackers rely on.
The threat landscape is broad. One of the scariest things about ransomware is that cyber
criminals can purchase it as a service. Businesses have to protect themselves against both old
ransomware threats, like cryptowall and Locky, and newer threats, like cryptolocker, which
affected more than 500,000 people as recently as 2014. One of the primary methods for
spreading ransomware has been through spear phishing, so it’s as important as ever to be
vigilant when receiving an email message from someone you don’t know, or clicking on
embedded links or attachments in an unusual or suspicious email message.