The greatest threat to your organisation is sitting in the inboxes of your employees. Email is still the number one threat vector and a major weak link in your IT security. The truth of the matter is that many of us have become complacent and just want to get through the many emails that clog our inboxes on a daily basis.
Cybersecurity firms have come a long way in protecting your systems, but more often than not they’re playing catch-up with the latest threat. In a post I wrote over a year ago referring to ransomware, I explained that it’s us, the users of the computer systems, who are the biggest threats (Ransomware – Common Bad Practices are Your Biggest Threat). The reality is that we’re all getting malicious emails on an almost daily basis, but they only become a danger to your systems if you carry out an action, such as clicking on a link or opening an attachment.
The current wave of malicious mails appears to target users of Microsoft 365. The mails will usually urge you to take immediate action or face the loss of emails or termination of your account. You may also be asked to click on a link to verify your account. Some of these mails can look quite genuine, but there are a number of things you can do to immediately identify them as malicious.
- Look at the sender’s address. For example, I got one this morning that claimed to be from Microsoft; however, the sender was a business email address from the UK that was in no way associated with Microsoft.
- Hover (and I mean hover, not click) over the link you are asked to follow. This will also likely show you that it’s not to be trusted.
- Check the spelling and grammar. Look at the SharePoint Encrypted Email Service email I have included in this post. “Received” is incorrectly spelt as “Recieved” (remember: I before E except after C). It is a simple enough mistake to make, but do you think an automated email from Microsoft would have this error? Look at the writing highlighted in red. For a start, the grammar is poor, and there is no way you would be asked to provide your password.
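The first two checks above (does the sender’s domain match the brand in the display name, and does the text of a link agree with where it actually points) can be scripted for triage. The following is an added example written for this post, not code from it.ie or from Microsoft: the sample message, the brand-to-domain table and the function names are constructed for illustration, and the registrable-domain helper is a deliberate approximation (a real tool would consult the public suffix list).

```python
"""Triage checks for a suspicious email: sender domain and link targets."""
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not a real phishing mail). The display name
# claims Microsoft, the sender is an unrelated UK business domain, and the
# first link's visible text advertises microsoft.com while its href points
# somewhere else.
SAMPLE_EMAIL = """\
From: "Microsoft 365 Support" <accounts@example-business.co.uk>
To: user@example.com
Subject: Action required: your mailbox will be terminated
Content-Type: text/html; charset=utf-8

<html><body>
<p>We recieved a request to terminate your account.</p>
<p>Click <a href="http://login-verify.example.net/365">https://www.microsoft.com/account</a> to verify now.</p>
<p>Unsubscribe <a href="https://www.microsoft.com/unsubscribe">here</a>.</p>
</body></html>
"""

# Hypothetical table: domains accepted for mail whose display name claims a brand.
KNOWN_BRAND_DOMAINS = {"microsoft": {"microsoft.com", "microsoftonline.com"}}


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Crude approximation: last two labels (www.microsoft.com -> microsoft.com)."""
    return ".".join(host.lower().split(".")[-2:])


def matches_brand(domain, known_domains):
    """True if domain is one of the known domains or a subdomain of one."""
    d = domain.lower()
    return any(d == k or d.endswith("." + k) for k in known_domains)


def host_of(text):
    """Host named by a URL or bare domain, or None if the text is not URL-like."""
    candidate = text if "://" in text else "http://" + text
    host = urlparse(candidate).hostname
    return host if host and "." in host else None


def triage(raw_message):
    """Return a list of human-readable findings for one raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # Check 1: the sender's address. Does the domain fit the brand the
    # display name claims?
    addr = msg["From"].addresses[0]
    for brand, domains in KNOWN_BRAND_DOMAINS.items():
        if brand in addr.display_name.lower() and not matches_brand(addr.domain, domains):
            findings.append(f"display name mentions {brand!r} but sender domain is {addr.domain}")

    # Check 2: the "hover" test. Does each link's visible text agree with the
    # host it really points to? Links whose text is not URL-like are skipped.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            real_host, shown_host = host_of(href), host_of(text)
            if real_host and shown_host and registrable_domain(real_host) != registrable_domain(shown_host):
                findings.append(f"link shows {shown_host} but points to {real_host}")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EMAIL):
        print("SUSPICIOUS:", finding)
```

Run against the constructed message it reports two findings: the sender domain does not belong to Microsoft, and the first link shows www.microsoft.com but points to login-verify.example.net. The second link is not flagged because its text ("here") names no host, which is exactly why the hover check matters for human readers too.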
A couple of weeks ago I carried out an experiment to highlight the dangers of links and attachments by sending a newsletter to a large number of users on our mailing list, regarding an earlier spate of malicious 365 mails. At several points in the newsletter I stated that you should not click on links, and I added a number of links throughout the mail that said, “Don’t Click”. A surprisingly large number of users clicked on these very links and were taken to a page on our site that said, “I told you not to click” (see images below). This was simply done to show that we are creatures of habit, and when faced with a busy inbox, it’s easy to become complacent and follow the instructions of the scammers. It’s often necessary to send links, and most of my posts will have several links included; however, you should still check the source to ensure that it is safe.
Here at it.ie we recommend to our clients that they implement C.U.B.E. to mitigate the chances of attack and reduce its impact, should you fall victim.
- Communicate: with employees to develop a strategy for informing them if a virus reaches the company network.
- Update: all software, including operating systems, antivirus software and all other applications.
- Back Up: all information every day, including information on employee devices, so you can restore encrypted data if attacked. It is strongly advised that you use an online backup service.
- Educate: staff on cyber security practices, emphasising not to open attachments or links from unknown or untrusted sources.
We provide a number of data security and business continuity solutions that are designed to help protect your business. For further information, please call sales on (01) 8424114 or email firstname.lastname@example.org.
John Grennan IT.ie