There’s no doubt that cyber-crime is one of the fastest growing and evolving crimes as of recent. With the rising tide of cyber theft, in just two years, we are projected to see a 15x increase ($5 Billion – up from $325 million) in global ransomware damage costs in 2017. Ransomware and other viruses are distributed through many different avenues. One of the easiest and more common is through email. An Email cyber attack is one of the most popular forms of hacking due to one perpetual factor; Human error.
As the world goes digital, humans have become a much more common target than the system itself. Because of this, sensitive information is only as secure as the least secure human who has access to it. For example, look at the Gmail attack back in May. This sophisticated phishing campaign targeted Gmail users by disguising itself as a trusted contact and asked users to check out an attached Google Doc. When the user clicked on the link, it asked users to give permission for the fake app; allowing access to their email histories and contacts. On top of this, the virus was able to spread to all contacts.
Situations like this happen to businesses of all sizes. It is important that you are protecting your systems from these attacks. However, this can be difficult if employees are not properly trained on how to identify the warning signs. Don’t let hackers trick you into handing over sensitive information. Here are the top red flags that employees should be looking for when faced with a phishy email cyber attack
If you think an email seems fishy, the first red flag should be the “from” section. Sometimes these will be blank. Other times, there will be familiar, trusted, contact names in this field. However, they are usually misspelled in a clever way that will throw you off. For example, firstname.lastname@example.org will be email@example.com. When you quickly look they can be construed as a familiar email address that is trusted, but it can easily trick you.
Many times, email cyber attack attempts will be spammed out to large groups of users. If you are cc’d or attached to an email with a bunch of unfamiliar names this is a red flag. Double check the “from” field, links, and subject line before clicking anything in the email.
The next thing that you should look at when you suspect that an email is fishy, is the subject line. The subject line will say something alarming that will grab your attention. Some buzzwords to look for could be: Approve this, Urgent, Credentials, Your account, etc. This is an easy way that threat actors trick users to open emails and draw them in.
If the above 3 red flags pass the validity test, the next thing to look at is the content of the email. An email cyber attack attempt might urge you to update information or change a password. They will make it seem extremely urgent so it installs fear into the user. Another thing to look out for is misspelling and grammatical errors.
A good rule of thumb, is to always be cautious when it comes to opening attachments. They can seem harmless, but there can be malicious viruses or another form of malware within the attachments. Make sure that the source seems valid, or even check with IT, before opening an attachment that you aren’t sure about.
The same thing goes with hyperlinks as well. Always be cautious when clicking hyperlinks unless it is from a trusted source. Many times, these can send you to pages to install viruses and malware. The first thing you should do is hover over the link prior to clicking. This will show you the full link and destination. Never click on something that you are unsure about. If you have a weird feeling that it is suspicious, go with your gut feeling and don’t click.
The last red flag that we will discuss is timing. If you are receiving an email in the middle of the night about wiring money from an executive – I would double check the validity of that email prior to reacting. Also, be cautious around holidays and large events. Threat actors will take advantage of these for their own benefit.
When it comes to an email cyber attack, human error will always be the downfall in an organization and a benefit to the threat actors. To combat these risks, teach your employees the warning signs of a malicious email attempt. This is only the first step to strengthening your security posture though. What happens when employees fall for a malicious trap? It is important that your organization is protected from the external to the internal level. A holistic security approach can supply everything your organization needs to protect the oopsies and uh ohs. Contact us today for more information!
It’s time to finally say, Happy Holidays! While the holiday season is for spending time with your family, eating way too much, and spreading the holiday cheer, it also signifies that the year is coming to an end. And, we’ve all heard the cliché saying, new year new me, right? Well, as you might have … Continue reading “New Connections: An Introduction to Magna5”
In the recent Solarwinds MSP Cyber Preparedness Survey, Solarwinds surveyed 400 Small- to Medium-Sized Enterprises. This survey investigated the cyber security preparedness, experiences and failings of these organizations to better understand what we can be doing to better protect critical information. The headlines of all the attacks this year are enough to scare people to … Continue reading “7 Pitfalls That Are Hindering Your Cyber Security”
FOR IMMEDIATE RELEASE Contact: Anne Clarrissimeaux Communications Manager Magna5 firstname.lastname@example.org 214-552-0910 MAGNA5 ACQUIRES NETSERVE365 Fourth acquisition in 18 months strengthens PaaS, IaaS, UCaaS services portfolio with addition of award-winning network and server monitoring and management, cloud hosting and managed IT security services Pittsburgh (November 16, 2017) – Magna5, a portfolio company of NewSpring … Continue reading “Magna5 Acquires NetServe365”