There’s an astounding 84% increase in business email compromise attacks, according to the latest Email Threat Report, which compares half-yearly statistics. The findings of the Email Threat Report should be particularly alarming to organizations that use email services as their main means of internal communication or correspondence with their partners and clients.
How are cybercriminals infiltrating businesses today?
“Today, cybercriminals use highly sophisticated strategies to trick their victims into revealing sensitive information, sending money, or even giving access to their employer’s computer systems,” said Oliver Noble, a cybersecurity expert at NordLocker commenting on the study.
“One of the most dangerous cyber threats to a business is social engineering, which occurs when hackers exploit human psychology to gain benefit. Unluckily, human error remains the most common reason for cybersecurity breaches in the world today,” Oliver further said.
For irreparable damage to happen, a business needs just one well-constructed email to be opened and acted on by a vulnerable employee. “The overwhelming amount of online communication has been causing many employees to be more distracted and less cautious about which emails they open and which links they click on,” further explains Oliver Noble.
“Business email compromise attacks usually impersonate a trusted colleague or a well-known service provider to convince a recipient to engage in actions like revealing confidential data, paying fake invoices, giving away their login credentials on a bogus webpage, or deploying malicious software, such as ransomware, on the victim’s infrastructure.”
How can companies keep cyberattacks at bay?
To avoid the doomsday scenario, Noble provides five easy-to-follow tips that can help protect your business from falling victim to the prevalent global email attacks.
- Secure your email by training your staff to identify signs of malware, especially when an email contains attachments or links.
- Use spam filters. In recent years, email platforms have established filtering systems that are advanced in detecting unwanted emails. Even though they are not perfect, spam filters do a good job of screening out suspicious messages.
- Implement a secure file-sharing process. Despite being unsafe, email is still the most common means for file sharing. An encrypted cloud solution may be the most secure solution for sharing your sensitive files among colleagues and with third parties.
- Make sure your employees use strong, unique passwords to connect to your systems. Better yet, start using password managers and multi-factor authentication.
- Adopt zero-trust network access, meaning that every request for access by a member of staff should be granted only after their identity has been appropriately verified.