Web Hosting Blog
We receive hundreds if not thousands of work emails every year, with topics ranging from critical financial decisions to what treats have been left in the office kitchen for everyone. But not every email we receive is a legitimate email. Criminals know how important emailing is to organisations, so they often use it as a weapon to steal essential data and even money.
This blog will look at the most common threats and the steps you can take to ensure they don’t compromise your data security.
How criminals attack
Pretending to be the boss
One of the most common scams involves criminals posing as senior members of the management team. They often ask your staff to authorise an urgent payment to a supplier or buy online vouchers to distribute to clients and send the codes.
Many large brands have fallen victim to this. Mattel, for example, was scammed out of $3 million when a finance executive was tricked by an email which led him to wire the money to a Chinese bank.
These scams put money directly into the hands of the criminal, and this is hard to get back.
It’s easy to blame the victims in these situations; however, there are many reasons why these scams work, including being sent from official emails, outlining and following the companies’ protocols and requesting payments to vendors in countries where you do business and from vendors stocking products similar to the ones you use.
To help reduce these errors, you need to conduct regular training for your staff. They will teach them what to look out for when they receive emails, reassure them that they can check any requests and remind them to remain vigilant.
Installing viruses and malware
Another type of email that hackers send to your employees asks them to downloadable executable files that install viruses and malware. If they are logged onto your dedicated server or a cloud hosting solution, the hacker might get the information they need to access your data.
To stop this damage, you need to ensure that your staff have anti-virus software installed like Bitdefender Antivirus Protection as well as external protection such as Barracuda Email Spam and Virus Firewall.
You can ask them if they already have anti-virus software installed on their equipment or to download one of their choices, but this puts all the responsibility onto the employee. Additionally, if you have employees who are not. Or you can extend your current software licences so your employees can protect their computers.
You must regularly update your anti-virus software to protect you against new viruses. Businesses must also train employees on how to use anti-virus software.
Other steps you can take to stay safe
Accidents still happen, and your employees may still fall for scams, but there are some steps you can take to minimise this risk. We’ve already discussed two of the main ones, anti-virus software and training, but here are some more of our top tips to help you stay safe.
Have regular backups
Protect yourself from data corruption or loss by backing up your data regularly. Ideally, it would be best if you did this daily.
Regular backups allow you to recover data within minutes should a breach occur. And therefore, the amount of time and data loss is minimised.
Update processes and policies
It would help if you had policies requiring staff to report all attempts to breach the computer network. Creating a clear set of instructions for your employees to follow when they feel like they are receiving scam emails helps encourage your staff to keep you informed.
Create a how-to spot a scam guide for your staff
The best defence against these scams is education. Many companies now invest heavily in training their staff to spot the tell-tale signs of fraud, such as:
- Emails that have come from a non-genuine email address or an address that is similar to another member of staff, for example, firstname.lastname@example.org instead of email@example.com
- Email starting with a generic greeting, for example, “Dear Valued Customer” instead of “Dear John”.
By having something to refer to when they are unsure, staff are less likely to fall for these scams.
Update your security
Make sure that your infrastructure security is secure and up to date.
For example, you might realise that it has been a while since you’ve updated the core software on your dedicated server. Out-of-date software leads to gaps in your security that viruses can exploit. So updating your software is vital.
Additionally, ensure that any email platform, anti-viruses, and remote working software are kept up to date, so they can help protect you from any new viruses.
Talk to your email or hosting provider about what measures they have to protect against phishing attacks. Email scams are still rife, so you and your staff must spot the signs and act accordingly.
If you want to discuss your email security and hosting requirements, get in touch with a member of our team. Our experts are always happy to help you choose the right solution.