Don’t Talk To Strangers (Or In This Case, Open Odd Emails from Them)
Each year companies invest in new security technology and hardware, and devise more sophisticated ways to defend themselves from cybersecurity attacks. At the same time, the attackers themselves are investing in ways to circumvent these defences. While it is essential for companies to make these investments, the fact of the matter is that most breaches are the result of human error. BakerHostetler’s 2016 Data Security Incident Response Report states that phishing/malware is actually the leading cause (31%) of cybersecurity incidents, with human error accounting for 24%, but these phishing/malware incidents can often be traced back to human error or complacency.
We have no doubt over-egged the pudding with the title of this blog, but it is through phishing emails that these attackers are bypassing an organisation’s security. For those unaware, phishing emails are emails that contain links or attachments which, once clicked, install a piece of malware that can compromise your system.
Failure to prevent these mistakes can make any security measures redundant. So what can you do? It is all about employee education: get them into the mind-set of double-checking anything that looks even remotely suspicious. This can be tricky, as the more sophisticated attackers are sending emails that appear to be from people within the same organisation. There are, however, some common signs:
Spoof email address/display name
- If the email appears to come from a well-known source (e.g. bank, online retailer, employee etc.), check the sender’s details on the email: do they match what you would expect to see? The image below highlights a good (bad?) example.
Attachments with a seemingly random stream of characters
- Again, see the example below. If the document attached were truly an order confirmation, it would be unlikely to be saved under such a name.
URLs that don’t display the characters expected
- This one can be a bit less obvious to spot. Hover your mouse over the link, and a small pop-up will appear at the bottom showing the actual URL you will be taken to. If the two don’t match, something is probably wrong.
Lack of detail in the signature
- Legitimate businesses will always provide contact information, so a lack of detail in the email signature may point to a phishing email.
Something just doesn’t look right
- The email may look like it comes from a trusted source, all the links and/or attachments appear genuine and the signature contains all the information you would expect – but if there is something in the email that strikes you as suspicious, there’s probably a good reason. This article from the BBC highlights a perfect example: a request comes from your boss asking for money to be transferred as a matter of urgency – is that normal?
Emails from companies you have never had contact with before
- The most obvious sign of a phishing email is one that has come from an organisation you have never dealt with before, who have ‘attached an invoice’ (or something similar). If you are unsure whether it is genuine or not, contact the company directly to confirm.
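Three of the signs above (a spoofed display name, a random-looking attachment name, and link text that shows a different URL from the real one) can be checked mechanically before a message is shown to a user. The script below is an added example, not part of the original post or of any product it mentions; the message it scans is constructed for illustration and the thresholds are assumptions, so it is a training aid rather than a filter you would deploy as-is.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample (not a real message) that exhibits three of the signs listed above.
SAMPLE = (
    'From: "alerts@example-bank.test" <alerts@mail-login-check.test>\n'
    "To: staff@company.test\n"
    "Subject: Order confirmation\n"
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    "--b1\nContent-Type: text/html\n\n"
    '<p><a href="http://login.mail-login-check.test/x">'
    "https://www.example-bank.test/secure</a></p>\n"
    "--b1\nContent-Type: application/pdf\n"
    'Content-Disposition: attachment; filename="a8f3kq29zx7.pdf"\n\n'
    "%PDF-1.4\n--b1--\n"
)

def looks_random(stem):
    """Assumed heuristic: a long lowercase alphanumeric stem with many letter/digit switches."""
    if not re.fullmatch(r"[a-z0-9]{8,}", stem):
        return False
    switches = sum(1 for a, b in zip(stem, stem[1:]) if a.isdigit() != b.isdigit())
    return switches >= 4

def analyse(raw):
    """Return the warning signs found in a raw RFC 822 message as a list of short strings."""
    msg = message_from_string(raw)
    found = []
    name, addr = parseaddr(msg.get("From", ""))
    real_domain = addr.rsplit("@", 1)[-1].lower()
    # Sign 1: the display name is itself an address whose domain differs from the real sender domain.
    shown_addr = re.search(r"@([\w.-]+)", name)
    if shown_addr and shown_addr.group(1).lower() != real_domain:
        found.append("spoofed display name")
    for part in msg.walk():
        fname = part.get_filename()
        # Sign 2: an attachment saved under a random-looking name.
        if fname and looks_random(fname.rsplit(".", 1)[0].lower()):
            found.append("random attachment name")
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
            # Sign 3: the visible link text is a URL whose host differs from the real href host.
            for href, text in re.findall(r'<a\s+href="([^"]+)"[^>]*>(.*?)</a>', html, re.S):
                shown_host = urlparse(text.strip()).hostname
                if shown_host and shown_host != urlparse(href).hostname:
                    found.append("link text hides a different URL")
    return found

if __name__ == "__main__":
    print(analyse(SAMPLE))
```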
According to BakerHostetler, it is also worth implementing a simulated phishing programme. These can be a great training tool for employees, helping them to identify and avoid phishing messages. They also help organisations measure the existing baseline susceptibility of employees, identify those users who need additional training, and measure the organisation’s progress toward reducing user click rates.
The continuous evolution of phishing scams means that preventative technology can only do so much; it is education that can be the best line of defence and ensure that your organisation is better prepared for any potential attacks.