Email is a very popular point of attack for bad actors. Some examples of these attacks can be malware, spam and phishing.
Malware that you can get through email is viruses, worms, trojan horses, and spyware. When these attacks succeed the attacker can take full control of workstations and servers and can gain access to all your sensitive information.
Spam can disrupt workflow and transport malware.
Phishing tries to trick you into disclosing sensitive information by posing as legitimate companies.
Email Security helps you prevent such attacks by using a set of methods and software to block attacks or become aware of what is legitimate or not.
Email Security Practices
Email security requires several types of technology and software, it is also important to educate yourself and employees to minimise human error. Some examples are password cycling, secure login, Spam filtering, spyware protection, email encryption and of course employee education.
Password cycling is to ensure that all passwords need to be changed frequently to ensure that any compromised passwords only have a limited use.
Secure Login is to ensure your login details are encrypted.
Spam filtering are scanners and other tools to see if emails have signs of malicious files or unwanted files and blocks them before they reach the end user.
Spyware protection, with this you need a cybersecurity security program that has dedicated spyware removal.
Email encryption, encryption technologies can be utilised to encrypt your emails between you and another if you will be sending sensitive information over email.
When it comes to employee education it is important to teach them signs of phishing and to be wary of links. Some common signs of phishing will be spelling and grammar errors in the email, also instead of clicking the links you should hover over the link with your mouse to see if the link is truly what it says it is. also instead of clicking on the link you should go to the site manually, for example if you get an email from what looks like it is from your bank saying some money has been transferred out of your account and if this happened without your knowledge “Click the link below”, rather than clicking the link go to your online banking manually to see if money was actually taken. You should also ensure your employees don’t send sensitive information over emails unless it is necessary and if they do they should ensure that the email is encrypted and secure.
Email Security Software
There are a lot of software you can choose to help with email security. Luckily SE Labs has done research for 2 years on multiple different software working with the companies that made the software themselves as well as with their customers. These tests included sending emails of known spam and malicious emails to willing participants with the required software. They have also submitted the test to Anti-Malware Testing Standards Organization(AMTSO) which you can have a look at it yourself by clicking here.
A summary of the test can be seen below.
This test pitted a number of email security services against live targeted attacks that used the same or similar tactics to well-known groups operating over the last few years. Advanced malware and social engineering tactics were used to replicate nation-state-level attackers, as well as cyber criminals targeting individuals and the general public.
If you would like to purchase any of these products then you can contact Craig at craig@acumentech.co.za