Email Security Advice for Business

You can’t have failed to notice the volume of malicious, spam, or phishing emails being received now. We’re seeing increased prevalence of malicious messages and attachments landing in some users mailboxes across our clients and this is typical of reports from the wider IT industry. Here is some sensible advice for your staff to follow when handling email. Accidentally or deliberately running these malicious attachments can have a devastating impact on your business so it is important that staff are aware of how to avoid these risks. Long gone are the days where a virus will break one computer for the day, causing some mild inconvenience. We’re seeing malware now that will use one infected PC to try and encrypt all the files on the network, server and backup system; decryption is sometimes possible by paying a ransom, but even then doesn’t always work. You can imagine the impact that has – prevention is definitely better than cure! While all our clients have a number of security layers to protect staff from spam, phishing, and malware, there is always a risk of “zero-day” threats getting through, so it is important that staff can recognise them and know what to do. It is everyone’s responsibility to minimise the risk from virus or malware infection, so therefore it is essential that we all take sensible precautions when handling email. Here is some key advice on the four main threat areas:

Attachments

We all know not to open suspicious emails or attachments, but it’s important to determine correctly what is “suspicious”. Watch out for attachments from unknown sources, or unexpectedly from a known source. These include:

• delivery confirmations (UPS/Fedex/Royal Mail/etc)
• invoices
• order details
• remittance info
• ParentMail/School communication

PDF, Word, Excel and Zip files, as well as programs or screensaver files, can all be infected so don’t open them. Often these are “zero-day” viruses which are very new and not yet detected by antivirus products (hence they’ve got through to your mailbox). Staff working in HR, Admin and Finance are particularly at risk here. If your receive a suspicious attachment, it is important you minimise the risk of virus infection. Do one of these with it:

• Safest: Delete it without opening it. Call the sender, and check what was sent. Forward it to Excellimore to verify it. Most risky: if you’re sure it’s safe, wait at least 24 hours before opening it. This should give time for antivirus signatures to be updated to detect this if it’s a new threat.

If in doubt call Excellimore at the earliest opportunity and we can investigate, and if necessary isolate and clean up infected computers.

Phishing Attempts

This is where someone tries to obtain your personal or account details by asking you to follow a link, and filling in a form/signing-in to a bogus site. Be suspicious of ANY email that asks you to follow a link. This can include:

• Microsoft, Hotmail, Yahoo, Google or other service account being compromised, suspended, or needing revalidated
• Computer or IT support account being compromised, suspended, or needing revalidated
• Amazon, Ebay, Paypal or other providers account related correspondence

If in doubt forward it to Excellimore who will verify it.

Spear Phishing or CEO Fraud

This is a slight variation of phishing which is specifically targeted at you. Emails may appear to come from another member of staff, usually someone in authority (hence CEO Fraud). These will often be looking to change bank details for a supplier, make or confirm a payment, check or remittance details, and usually include some element of urgency. Again, if in doubt forward it to Excellimore to verify it. Also, don’t REPLY to it, because often the reply address is spoofed. You can also FORWARD it to the member of staff it purports to come from, using their correct internal company email address, so they can confirm it. It’s important to appreciate that the other member of staff’s email account usually hasn’t been compromised – it’s just a simple technique that those sending the emails use to make it look like it’s come from a company email address.

Spam

Spam is one of the pains of modern-day email. We see hundreds of spam messages per day filtered out across our clients, however there will always be a few that get through. If you find some are getting more than a handful a day then Excellimore can work with you to investigate why there might be a particular issue, and seek a solution for you. We trust this is a useful message that will help you and your colleagues keep safe online. We’ll continue to publish updates and advice on our blog, Twitter and Facebook feeds, so please do follow us there.