Email. Love it or hate it, you have to use it. Even in 2017, there’s no replacement for email. It’s still the standard “de facto” communications method used by almost every company out there – and that’s unlikely to change anytime soon.
That’s why it’s more important than ever to avoid malware, viruses, and ransomware sent through email. As the data collected by companies becomes more and more valuable, scammers and cybercriminals are looking to get their hands on it – and turn a profit.
To help you avoid common infections and security risks caused by poor email usage, we’ve put together this quick list of email safety best practices. Read on, and see how you can increase security in your company.
This one is simple. Did you get an email from someone you don’t know? Don’t download the attachment – especially if it looks important and creates a sense of urgency.
Even innocuous-seeming attachments can hide malware, viruses, keyloggers, or even ransomware. Even if the sender seems legitimate, they could be “spoofing” – using complex techniques to make their email address and headers seem legitimate, while hiding viruses in attachments.
Simply put, it’s never worth the risk to download an attachment from an unknown sender.
This is related to point 1. Did you know that .doc and .docx files are some of the most popular vectors for malware infections? While the “macro” features of Microsoft Word documents can be useful, these powerful tools can also be used to program extremely damaging viruses.
Reports have even been made of complex ransomware being distributed through Word files. So unless you’re certain that the sender is above-board, ignore that Word attachment – it could be a virus.
According to Verizon, phishing remains the most common way that hackers break through organizational cybersecurity. This is because, if done right, phishing attacks don’t require any technical expertise at all – employees willingly hand over their information, and allow criminals to break into valuable IT systems. This happens when personal information like passwords are revealed through email.
Common phishing attacks have criminals posing as IT workers – they may email you, saying that you need to reset your password, or send over your personal information so that they can do it for you. And if you give them that information, they’ll use it to break into vulnerable systems, and steal data.
When in doubt, don’t share personal information like passwords in emails – and be suspicious of any email that is asking you to do so.
You should always be suspicious of links sent in emails – particularly if they’re from unknown senders. Hyperlinks can easily lead to direct download pages for executable files, infected Word documents, and other sources of malware and viruses. When in doubt, don’t click that link!
Changing your password regularly is the strongest method of preventing “brute-force” attacks. You should be changing your password – at minimum – once every month or two. If your IT team has no standard for how often passwords should be changed, consider implementing them.
Located in Winnipeg, 365 Technologies offers comprehensive managed IT services. We focus on small-to-medium-sized businesses – so if you’re in need of consultants to help you lock down your email system and increase your cybersecurity, we’re the perfect choice.
Contact us now for a free consultation. You can learn more about our service offerings, and see how 365 Technologies can help you prevent your company’s most valuable data from falling into the wrong hands.