One out of 14 Phishing Emails successfully trick users into opening malicious links or attachments, per Verizon – and Proofpoint research shows that 25.5% of clicks on malicious URLs occur within 10 minutes!
According to Gartner, email is the primary vector for targeted cyber attacks and will likely continue to be through at least 2020. If you have not taken steps to guard your organization's inboxes against attacks already, now is the time to start.
Here are the first 5 steps you should take:
1. Have an Effective Email Gateway
Keeping the spam out is a basic step, because without this, attempting to maintain security will be like trying to dam the ocean. Users will be flooded by waves of unsecure emails.
Make sure your organization's secure email gateway is effective at blocking most spam messages.
2. Leverage Anti-malware Multi-scanning
Most secure email gateways have an anti-malware Engine installed and scan incoming messages for threats.
But one anti-malware engine just isn't enough.
There are too many threats, and the number of new threats is ever-increasing. No matter how often virus definitions are updated, any given anti-malware engine is going to miss some threats.
That's why multi-scanning – or, scanning with multiple anti-malware engines at once – is the best solution, especially for email.
Take a look at our research to see how big of a difference using multiple engines makes. With 4 engines, 98.3% of threats are detected. With 30 engines, detection rates go up to 99.8%!* Additionally, multi-scanning solutions detect new threats more quickly.
3. Implement Data Sanitization (Content Disarm and Reconstruction)
Anti-malware engines will not catch everything. The usage of common documents to conceal malicious scripts, macros, or hyperlinks is well-documented. Neutralize malicious attachments with a Content Disarm and Reconstruction (data sanitization) solution that breaks down and reconstructs potentially dangerous files, stripping unsecure objects in the process while preserving the usability of the file.
4. Train the Users
User security training must be an ongoing process. Users within your organization need to understand that security is a priority, how to recognize unsafe emails, what a trustworthy source is, how to confirm big requests (such as financial transactions) with the sender personally, and so on.
Also important is that users understand how to create strong passwords. Weak passwords that criminals can easily guess make it all too easy for them to carry out phishing attacks using a compromised email account.
Finally, users need to recognize that targeted spear phishing emails may look highly legitimate. Through email spoofing or compromised email accounts, attackers can send emails that appear to come from someone the recipient knows. Cyber criminals find it especially effective to impersonate an employee's superior in order to get them to do something (we've been targeted in this way at OPSWAT).
Phishing emails aren't all misspelled subject lines or too-good-to-be-true offers that are obviously spam; they may be highly targeted and sent by clever, resourceful criminals. Which leads into the next point...
5. Provide Easy Phishing Reporting
Make it easy for users to escalate issues to security team for investigation. Have a dedicated email address to which users can forward suspected phishing emails – or better yet, find a plugin that enables users to report phishing with a single click.
This will make it more likely that a targeted spear phishing campaign is caught early on, and it will give your security officers insight into what kinds of threats they are facing.
Learn about Metadefender Email Security here.
*Statistics as of September 25th, 2017
