What would you do if you received an email from your boss that reads as below?
I need you to make an outgoing deposit transfer of xxxx rs. to a vendor. Can you get it done now? It will be refunded back to you later today or tomorrow morning. Revert back ASAP so I can forward you the vendor account details.
Some of you might recognize it as just another phishing attack. However, a few (if not many) could fall prey to such an attack and end up sharing their details. Thus, it is essential that the organization trains its staff to identify the tell-tale signs of email phishing attacks so that they know what to look out for and can prevent any loss of data and/or money. Although such attacks are not new, their frequency has gone up significantly this year due to COVID-19. Despite the rising sophistication of cyber-attacks, email is still the primary attack vector used by cyber criminals.
Business Email Compromise (BEC) and Zero-day Attack:
‘Business Email Compromise (BEC)’ is one such common business email-based attack, in which the hackers obtain access to a corporate email account and send fraudulent emails under the identity of the account owner with the objective of stealing money and/or sensitive information. ‘Zero-day Attack’ is another type of business email-based attack, wherein the threat actors exploit a vulnerability before your IT team has had a chance to release a fix for it. Businesses pay hefty costs for such attacks in the form of system downtime, lost productivity, damaged reputations or regulatory action.
What are the business impacts of email-borne attacks apart from financial loss?
- Intellectual property loss
- Loss of customers
- Damage to reputation
- Regulatory action and fine
So, it is imperative for organizations to have the necessary safety measures in place to avoid such attacks. Many organizations make use of safety measures like firewalls and secure email gateways to restrict attacks arising out of phishing emails; however, these systems cannot be relied upon completely due to the evolving nature of attacks via email. Thus, it is necessary to take further measures to mitigate the risk of email-borne attacks.
In this blog, we’ll cover a 10-point checklist for your organization to enhance its business email security:
- Periodic security audits to ensure that the systems are up to date with the latest security patches. Occasional third-party audits can also be arranged to ensure zero vulnerability.
- Comprehensive password policy, including strict norms on length, complexity and expiry. Users should be reminded to change passwords regularly as a best practice.
- Effective monitoring of incoming and outgoing email needs to be in place to block transmission of mails from/to unwanted and risky domains.
- Train employees to act ‘smart’, not fast. Adequate training needs to be given on how they should take time to inspect an email in order to identify and avoid opening unsafe links and attachments, especially from unknown senders.
- Multi-factor authentication can be put in place in the form of a mobile code when logging in to webmail, especially if your employees deal with sensitive information related to the business and/or customers, or with financial transactions for the company.
- Mail access restriction enables the IT team to prevent certain users from accessing official emails outside the organization’s network, or to allow them to access mail only via secure channels/IPs.
- Implement the ‘Transport Layer Security (TLS)’ protocol to encrypt the contents of emails in transit and ensure they can’t be read by anyone other than the intended recipient.
- Block large email attachments as a rule of thumb and quarantine them until scanned.
- Virus and spam protection should be in place in the form of anti-virus software to stop any malware or ransomware delivered via email from infecting your endpoint devices.
- Configure a spam filter, as most email scams begin with unsolicited commercial email; such a filter can prevent spam from getting into your employees’ mailboxes and thus into the organization’s network.
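Three of the checklist items above (blocking risky domains, quarantining large attachments, and spotting the "urgent transfer from the boss" pattern of the opening email) as a small inbound-mail policy check, written here as an added example and not code from the original post. The internal domain, executive list, blocked domains, size limit and the sample message are all assumed or constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"             # assumed: the organisation's own mail domain
EXECUTIVES = {"ravi kumar"}                 # assumed: display names attackers would borrow
BLOCKED_DOMAINS = {"free-webmail.invalid"}  # assumed: domains IT has chosen to block
URGENCY_PHRASES = ("asap", "get it done now", "deposit transfer", "revert back")

def domain_of(header_value):
    """Lower-cased domain of an address header like 'Name <user@host>', or ''."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def check_message(raw, max_attachment_bytes=10 * 1024 * 1024):
    """Return policy findings for one RFC 5322 message; an empty list means clean."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    sender, reply_to = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    display_name = parseaddr(str(msg.get("From") or ""))[0].strip().lower()
    # Checklist item: block mail from/to unwanted or risky domains.
    if sender in BLOCKED_DOMAINS or reply_to in BLOCKED_DOMAINS:
        findings.append("blocked-domain")
    # BEC heuristics: replies would leave the sender's domain, or an external
    # address is wearing the display name of an internal executive.
    if reply_to and reply_to != sender:
        findings.append("reply-to-mismatch")
    if sender != INTERNAL_DOMAIN and display_name in EXECUTIVES:
        findings.append("executive-impersonation")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body is not None else ""
    if sender != INTERNAL_DOMAIN and any(p in text for p in URGENCY_PHRASES):
        findings.append("urgent-payment-request")
    # Checklist item: large attachments are quarantined until scanned.
    total = sum(len(p.get_payload(decode=True) or b"") for p in msg.walk()
                if p.get_content_disposition() == "attachment")
    if total > max_attachment_bytes:
        findings.append("quarantine-large-attachment")
    return findings

# Constructed sample: the "urgent transfer from the boss" message quoted above,
# sent from a look-alike external domain with replies redirected elsewhere.
BOSS_WIRE_PHISH = """\
From: Ravi Kumar <ravi.kumar@mail-lookalike.invalid>
Reply-To: payments@free-webmail.invalid
To: staff@example.com
Subject: Quick task
Content-Type: text/plain; charset=utf-8

I need you to make an outgoing deposit transfer of xxxx rs. to a vendor. Can you
get it done now? Revert back ASAP so I can forward you the vendor account details.
"""
```

Running `check_message(BOSS_WIRE_PHISH)` flags all four BEC indicators, while a plain internal message produces an empty list.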
Cyber-attacks have a catastrophic effect on organizations. Such attacks have an impact at several levels, including business operations and brand perception. Organizations must, therefore, ensure that they have strong security controls in place to detect and prevent these e-mail attacks. The above-mentioned checklist can help prevent cases arising from compromised accounts to a large extent; however, it is recommended to take expert help in order to put an all-inclusive security system in place.