Many people don’t realize that email is the gateway for hacking and malicious intrusion. Over 90% of cyberattacks start with email, which can lead to significant reputation damage and financial loss. In fact, the Department of Homeland Security said that approximately 20% of the email received can be classified as malicious. Also, the FBI estimates at least $12.5 Billion in global financial losses annually from email compromise.
In today’s remote/work from home atmosphere, email is vital and we need to protect our accounts from the schemes of malicious actors. Here are some proactive steps to take to be protected:
Password Hygiene – Good password hygiene goes a long way in preventing an account from being compromised. Use long passwords that are complex and combine uppercase letters, lowercase letters, numbers, and symbols. Don’t reuse passwords and use separate passwords for each login. Consider a password manager to help manage the strength and security of passwords.
Multifactor Authentication – Adding multifactor authentication to email accounts provides additional security through an extra layer of protection. The more layers/factors applied, the lower the risk of an intruder gaining access to accounts.
Email Filter and Secure Email Gateway – A strong business-grade email filter will not only provide virus and spam protection, but will block malware, graymail, scan URLs, protect against phishing and impersonation, and scan email attachments among other features. This will vastly reduce the amount of malicious email that will make its way to Inboxes.
Security Awareness Training – Cybercriminals ramped up phishing attacks by over 667% at the beginning of the pandemic. It’s important for users to be trained on a regular basis (i.e., monthly) to be aware of threats when using email. Security Awareness training programs will deliver training and simulated phishing schemes on a routine basis to raise the awareness of the organization.
Security software up to date – It’s important that security software (antivirus, patches, etc.) is up to date to protect against breaches that may occur. It’s also important to have a backup of data/email if a restore is necessary.
If an email does get hacked, contact your IT representative immediately. They will check your system for infections, reset passwords, and make sure no footholds were left behind from the intrusion.