Grant Warkins, Director, Technical Advisor Services, MOXFIVE

In today’s digital landscape, businesses face an ever-increasing risk of email compromise, which can lead to significant financial losses due to fraud and reputational damage to customers. Safeguarding your organization’s email assets is crucial to mitigate these threats effectively. Here are some essential security measures that businesses should consider when protecting against a potential business email compromise.

Multifactor Authentication (MFA)

Enforcing multifactor authentication is a vital step in preventing business email compromise (BEC). Whether you’re using a local email server like Microsoft Exchange or a cloud-based solution like Microsoft 365 (M365), MFA should be enabled on all public-facing email assets. It’s essential to configure cloud resources, such as M365, to enforce modern authentication, which ensures that the MFA process takes place during login. Companies should also disable basic authentication settings because MFA alone is ineffective if vulnerable legacy protocols are still active. MFA solutions like Okta and Duo offer comprehensive frameworks for protecting accounts across multiple critical applications.

Email Security Solutions

Email security-as-a-solution has become a critical cybersecurity control for businesses of all sizes. These solutions integrate with email services to filter out a wide range of threats, from inbound phishing emails to malware. Products such as Abnormal and Proofpoint provide comprehensive protection, acting as the first line of defense against hackers, spam, and malware. Configuring email security solutions to generate alerts for suspicious activities, such as unusual login locations, helps in detecting breaches promptly.

Employee Security Awareness Training

In addition to MFA and email security solutions, educating employees about email security best practices is essential. Companies should invest in training their users to recognize and report phishing emails and other signs of suspicious email behavior. This should be more than a one-off initiative; ongoing education on the latest security risks and regular phishing email awareness tests are crucial.

Some areas to consider include:

  • Conduct phishing simulations and provide fraud education, which will help create a stronger defense by cultivating alert employees who understand current threats and their role in maintaining organizational security.
  • Educate all employees about password best practices, emphasizing the importance of creating strong passwords and changing them regularly, and how these practices will significantly enhance the security footprint.
  • Discuss the importance of establishing a two-step verification process for any wire transfer requests or changes to existing B2B accounting information. This way, an employee can receive verbal confirmation from a trusted source that the request made is legitimate.

Separate Personal and Professional Email Accounts

One request most of us have heard before is not to use our business email accounts for personal communications. But these communications typically have not touched on this from a security perspective. The fact is that using business emails for personal tasks increases the risk of those accounts and associated credentials being harvested. It can also compromise the security of both personal and professional data. Employees should be encouraged to maintain separate email accounts for personal and work-related activities.

Audit Logging

Audit logging of email-related activities is critical for conducting thorough BEC investigations. Email or cloud tenant administrators should ensure that audit logging is enabled and set to an appropriate retention period. In addition, security, legal, and administrative teams should collaborate to ensure that audit logging meets compliance requirements for security or regulatory purposes. In cloud environments like M365 or Google Workspace, audit logging tracks activity across accounts, mailboxes, and other relevant log sources, providing valuable assistance to forensic providers during BEC investigations. It’s important to note that audit logging must be enabled in advance and does not work retroactively.

Consider Automated Protocols for Email Security

In addition to implementing the aforementioned best practices, businesses should consider using ancillary protocols to enhance email security. Two critical protocols are Domain-based Message Authentication, Reporting and Conformance (DMARC) and Brand Indicators for Message Identification (BIMI). DMARC helps protect domains from spoofing by authenticating email servers and providing instructions for handling emails that fail authentication. BIMI leverages DMARC and other protocols to authenticate emails from legitimate sources and display a company logo, enhancing brand awareness and mitigating the risk of fraudulent emails.
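The "instructions for handling emails that fail authentication" live in the domain's DMARC TXT record, and a record can exist while enforcing nothing. The following is an added example, not code from the original article: it audits a record for the gaps that leave a domain spoofable. The finding names, the sample records and the `bimi_ready` rule (enforcing policy on 100% of mail, subdomains included) are assumptions made for this illustration.

```python
"""Audit a DMARC TXT record for enforcement gaps (added illustration)."""

ENFORCING = {"quarantine", "reject"}
VALID_POLICIES = ENFORCING | {"none"}
# Findings that mean the domain is not at full enforcement (assumed BIMI blockers).
BIMI_BLOCKERS = {
    "invalid-record", "missing-policy", "monitor-only",
    "invalid-pct", "partial-enforcement", "subdomains-unprotected",
}


def parse_dmarc(txt):
    """Split 'tag=value; tag=value' into a dict with lower-cased tag names."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags


def audit_dmarc(txt):
    """Return a list of finding codes; an empty list means full enforcement."""
    # RFC 7489: the v tag must come first and its value is exactly "DMARC1".
    if txt.split(";", 1)[0].replace(" ", "") != "v=DMARC1":
        return ["invalid-record"]
    tags = parse_dmarc(txt)
    findings = []

    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        findings.append("missing-policy")
    elif policy == "none":
        findings.append("monitor-only")  # failing mail is still delivered

    try:
        pct = int(tags.get("pct", "100"))  # pct defaults to 100
    except ValueError:
        pct = -1
    if not 0 <= pct <= 100:
        findings.append("invalid-pct")
    elif pct < 100 and policy in ENFORCING:
        findings.append("partial-enforcement")  # only a sample is acted on

    # sp (subdomain policy) inherits p when absent.
    if policy in ENFORCING and tags.get("sp", policy).lower() == "none":
        findings.append("subdomains-unprotected")

    if "rua" not in tags:
        findings.append("no-aggregate-reports")  # spoofing attempts go unseen
    return findings


def bimi_ready(txt):
    """True when the record is at enforcement for all mail and all subdomains."""
    return not BIMI_BLOCKERS.intersection(audit_dmarc(txt))


# Constructed sample records for a placeholder domain.
SAMPLES = {
    "monitoring only": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "half-deployed": "v=DMARC1; p=quarantine; pct=25; sp=none",
    "enforced": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
}

if __name__ == "__main__":
    for label, record in SAMPLES.items():
        print(f"{label:16} findings={audit_dmarc(record)} bimi_ready={bimi_ready(record)}")
```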

Cyber Liability Insurance

Cyber liability insurance plays a vital role in mitigating the financial impact of email compromise incidents. It is important to review your policy to ensure it covers identity loss and aligns with your risk tolerance. Ideally, the policy should specify a trusted forensic provider, ensuring a timely response in the event of a BEC. Insurance panel providers may take additional time to engage in an incident response scenario, which can cause delays and complications.

Engage Outside Counsel and Report to the FBI

When facing a BEC attack, it is advisable to engage outside legal counsel to provide guidance on response strategies and oversee the investigation. Additionally, reporting the attack to the FBI is crucial for intelligence collection and potential recovery of wire transfer funds. Compliance with data privacy and notification obligations is essential, and involving appropriate authorities can aid in the overall resolution of the incident.

Business email compromise poses a significant threat to organizations, but by implementing these essential security measures, businesses can strengthen their defenses against email-related attacks. From enforcing multifactor authentication to training employees and engaging third-party solutions, proactive steps can significantly reduce the risk of falling victim to email compromise. Remember, protecting your email assets is not a one-time effort but an ongoing commitment to maintaining a secure digital environment for your business.

Grant is a cyber security leader with decades of success helping clients navigate complex security investigations and building proactive security programs to mitigate risk. As a technical advisor at MOXFIVE, Grant assists clients in managing forensic investigations, recovering networks from cyber security attacks, and providing valuable insight on proactive controls that can make networks more resilient.

The post Protecting Your Business from Email Compromise: Essential Security Measures appeared first on Cybersecurity Insiders.

By Sean Brady, Mimecast VP of Product Management

In addition to email, collaboration tools are now a focal point of the cyber threat landscape. While email-borne attacks remain the primary vector exploited by threat actors today, collaboration channels like Microsoft Teams and Slack have emerged as critical vulnerabilities of the cloud-based hybrid enterprise. Best-in-class products are undoubtedly important to a strong security posture, but cybersecurity is still a human issue at its core — more than 90% of security breaches involve some degree of human error.

The need for organizations to fortify their human firewall has never been more prevalent. That said, the security benefits of robust and ongoing user awareness training programs are evident: employees who receive continuous user awareness training are five times more likely to identify and avoid malicious phishing links. However, it’s easy for these training programs to fall flat, especially when they fail to align with the evolving threat actor tactics, techniques, and procedures.

According to Mimecast’s independently commissioned Collaboration Security: Risks and Realities of the Modern Work Surface Report, most security leaders (74%) believe their organization is equipped to defend against a collaboration tool-based attack, and 80% feel they have effectively communicated the security vulnerabilities of collaboration tools to their employees. But on the contrary, only 38% of employees claim they have received any collaboration tools security training, and a mere 10% say they have received dedicated collaboration tools security training separate from the wider cybersecurity training offered by their organization. The findings highlight a clear disconnect between organizational leaders and their employees, underscoring the importance of implementing more targeted awareness training programs for collaboration tool security.

Keys to Effective User Awareness Training

Effective user awareness training helps foster company-wide buy-in, creating an organizational culture where everybody plays a role in protecting the organization from cyber threats. The end goal is to simplify security for employees by guiding them on how to implement best practices that minimize cyber risk, whether it’s for social engineering prevention, brand spoofing identification, password protection, or data hygiene. It’s not to belittle them or make them feel as if they are the root cause of every successful data breach. That will only further exacerbate the problem at hand.

It’s important to remember that awareness training isn’t one-size-fits-all – it must be scaled to the intricacies of the organization’s unique security environment. For example, healthcare organizations that adhere to HIPAA data privacy regulations should structure their training around HIPAA compliance standards, which encompass different sets of protocols than organizations in other industries. Regardless of company size or sector, if the training content isn’t aligned with employees’ day-to-day roles and responsibilities, there’s far less likelihood it will resonate with them.

Also remember that when implemented correctly, awareness training is a marathon and not a sprint. It isn’t enough to simply require cybersecurity training during onboarding. Considering cyber threats are constantly evolving, training should be continuous and regularly updated to align with shifts across the cyber threat landscape – like the rise of collaboration tool attacks. Organizations that fail to refresh their trainings year-to-year are not accounting for the cyberattacks they face today. It’s critical to ensure employees are up to date on the latest risks and preventative measures.

Monitor training program pass rates and participation to measure its efficacy. Are you seeing higher pass rates over extended periods of time? Are employees completing training within the preferred deadline, or do they need to be constantly reminded? Keeping tabs on these metrics can give security teams insight into whether there’s a culture lacking in participation, and if so, how they can change that with the training. Understanding the results also gives your organization the opportunity to provide more training to the employees who need it.

The Personalization Effect

Personalization is worth its weight in gold when it comes to awareness training. Organizations should create interactive and engaging training materials that align with the interests and learning styles of Millennial and Gen Z employees. Utilizing personalization, as well as a variety of formats like videos, quizzes, and simulations, helps appeal to a wider audience and increases the chances of it sticking. That could come in the form of comedy, sports, or pop culture references. Promote active learning by including interactive elements in your training program and incorporating hands-on exercises, case studies, and real-world examples to encourage employees to apply their knowledge.

Customize the training content to address the specific responsibilities and risks associated with different job positions within your organization. For example, training courses for an HR admin should be different from the courses an accountant completes, considering both employees likely leverage collaboration tools in varying capacities and workflows. In turn, it should be tailored to relevant examples and scenarios that reflect day-to-day tasks so that employees don’t feel like it’s wasting their time.

With hybrid work environments seemingly here to stay, the volume and velocity of collaboration tool attacks will only continue to rise moving forward. It’s imperative for companies to position their employees to navigate these new forms of cyber threats. By implementing collaboration tool user awareness training at scale, they can make measurable progress toward enhancing security posture throughout every layer of the organization.

The post User Awareness Training: A Critical Component to Collaboration Tool Security appeared first on Cybersecurity Insiders.

The relentless wave of digital innovation has come with its share of threats. One such rising threat is Business Email Compromise (BEC). In a recent interview, cybersecurity expert John Wilson, senior fellow threat research at Fortra, explored the complexities of BEC and discussed key findings from Fortra’s recent report “2023 BEC Trends, Targets, and Changes in Techniques” on this pressing issue.

Business Email Compromise involves scam tactics aimed at tricking individuals and businesses into revealing sensitive information or performing financial transactions under false pretenses. It primarily operates through the manipulation of business email correspondence.

The Growing Menace of BEC

Wilson underscored the alarming rise in BEC incidents, as noted in Fortra’s report. It is not the complexity of the attacks that makes them formidable, but their simple and deceptive nature. Often, a BEC attack will involve a scammer impersonating a senior executive or business partner, exploiting the victim’s trust and urgency to facilitate fraudulent transactions.

During the interview, Wilson illuminated the various tactics employed in a BEC scam. These include phishing emails, spoofing tactics, and social engineering. The fraudsters often invest time in studying the organizational hierarchy, behaviors, and communication styles to make their deceitful requests appear legitimate.

BEC scams can also involve the installation of malware on a target’s system to gain unauthorized access to sensitive data. Fortra’s report further illustrates the scope and diversity of BEC strategies, indicating a need for businesses to enhance their defensive measures.

Attack Pattern One: The Impersonation Game

One common scenario highlighted by Wilson involves impersonating a high-ranking executive within a company – usually the CEO or CFO. The scammer, masquerading as the executive, sends an urgent email to an employee with financial authority, typically in the finance department. The email requests an immediate wire transfer, often with a plausible reason like a confidential business investment.

This tactic relies heavily on social engineering, exploiting the power dynamic within a company. The recipient, believing the email to be from their superior, feels compelled to execute the request quickly, bypassing the usual protocols.

One effective measure against this is the implementation of strict protocols for financial transactions, including dual approval mechanisms. Regardless of the apparent urgency or source of the request, each financial transaction should require approval from two separate individuals. This reduces the likelihood of fraudulent requests slipping through the cracks.

In addition, training employees to be skeptical of unusual email requests, even those seemingly from superiors, can prevent this type of BEC attack. Employees should be encouraged to confirm such requests through a secondary, out-of-band communication channel like a phone call.

Attack Pattern Two: Vendor Swindle

Another BEC tactic is the vendor swindle. Here, scammers impersonate a trusted vendor or partner. They send an email to the company informing them of a change in payment details – usually a new bank account. Any payments to the vendor are then unwittingly redirected to the fraudster’s account.

This BEC variant is especially dangerous as it takes advantage of established business relationships and routines. Due to the perceived legitimacy of the vendor, the request may not raise immediate suspicion.

To guard against this, businesses should establish a verification process for any changes to payment or personal information. Any change request should be confirmed through a secondary method, such as a phone call using the previously established contact details, not the new ones provided in the suspicious email.

Automated systems that can flag changes in email patterns, such as language use or email metadata, can also be used to detect potential BEC attacks. Regular audits of financial transactions, particularly those related to vendors, can also uncover any irregularities.
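A sketch of the metadata checks such an automated system can run against the two attack patterns above, added here as an example and not taken from Fortra's report or any product. The executive name, domains, MX identifier and the four sample messages are constructed for the illustration.

```python
"""Header-level triage for BEC indicators (added illustration)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical tenant data; a real deployment would load these from a directory.
EXECUTIVES = {"dana reyes"}
COMPANY_DOMAIN = "example.com"
TRUSTED_DOMAINS = {"example.com", "acme-supplies.example"}
OUR_AUTHSERV_ID = "mx.example.com"  # only trust results stamped by our own MX


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of trusted domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(addr):
    return addr.rpartition("@")[2].lower()


def dmarc_failed(msg):
    """True if our own MX recorded dmarc=fail; headers from other hosts are ignored."""
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, _, results = str(header).partition(";")
        if authserv_id.strip().lower() != OUR_AUTHSERV_ID:
            continue  # could have been inserted by the sender
        if re.search(r"\bdmarc=fail\b", results, re.I):
            return True
    return False


def triage(raw):
    """Return the list of BEC indicators found in one raw message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)
    flags = []
    # Pattern one: executive's display name on an address outside the company.
    if name.strip().lower() in EXECUTIVES and from_dom != COMPANY_DOMAIN:
        flags.append("exec-display-name-external")
    # Pattern two: sender domain is a near-miss of a trusted vendor domain.
    if from_dom not in TRUSTED_DOMAINS and any(
        edit_distance(from_dom, trusted) <= 2 for trusted in TRUSTED_DOMAINS
    ):
        flags.append("lookalike-domain")
    # Replies silently routed to a different domain than the visible sender.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != from_dom:
        flags.append("reply-to-mismatch")
    if dmarc_failed(msg):
        flags.append("dmarc-fail")
    return flags


# Constructed sample messages (headers only matter here).
CEO_FRAUD = (
    'From: "Dana Reyes" <dana.reyes@mailbox.example>\n'
    "Reply-To: d.reyes.office@private-mail.example\n"
    "Subject: Confidential wire, needed today\n"
    "Authentication-Results: mx.example.com; spf=pass; dmarc=pass\n\nbody\n"
)
VENDOR_LOOKALIKE = (
    'From: "Acme Supplies Billing" <billing@acme-suppiles.example>\n'
    "Subject: Updated bank details\n"
    "Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass\n\nbody\n"
)
VENDOR_SPOOF = (
    "From: billing@acme-supplies.example\n"
    "Authentication-Results: relay.sender.example; dmarc=pass\n"
    "Authentication-Results: mx.example.com; spf=fail; dmarc=fail\n\nbody\n"
)
LEGITIMATE = (
    'From: "Acme Supplies Billing" <billing@acme-supplies.example>\n'
    "Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass\n\nbody\n"
)

if __name__ == "__main__":
    for label in ("CEO_FRAUD", "VENDOR_LOOKALIKE", "VENDOR_SPOOF", "LEGITIMATE"):
        print(f"{label:17} {triage(globals()[label])}")
```

The lookalike sample passes SPF, DKIM and DMARC because the sender controls that domain, which is why the metadata checks run alongside authentication results instead of relying on them.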

In both cases, education is key. Regular training for employees to recognize the signs of BEC scams, and to understand the importance of strict adherence to protocols, is crucial. The goal is to foster a culture of security awareness where employees feel empowered to question suspicious activities without fear of overstepping boundaries.

Mitigating BEC Threats: The Way Forward

According to Wilson, effective defense against BEC involves a combination of technology, processes, and education. On the technological front, implementing advanced email security systems, multi-factor authentication, and continuous network monitoring can help detect and prevent BEC attempts.

Wilson stressed the critical role of processes, particularly those related to financial transactions. Implementing protocols such as dual approval for transactions, regular audits, and confirmation through out-of-band communication can go a long way in thwarting BEC attacks.

The Power of Education

Arguably, Wilson was most passionate about the role of education in cybersecurity. As he explained, technology and processes can only do so much if the users themselves are unaware of the risks. Regular training on recognizing and responding to phishing attempts, understanding the risks of information sharing, and staying updated on the latest cybersecurity threats is crucial.

In a rapidly evolving digital landscape, BEC presents a significant risk to businesses. However, as John Wilson’s insights suggest, this threat can be mitigated with the right combination of technology, processes, and education. It’s a reminder that in the world of cybersecurity, vigilance and preparedness are often the best defenses.

The post The Looming Threat of Business Email Compromise: Insights from John Wilson at Fortra appeared first on Cybersecurity Insiders.

By Dimitri Shelest, Founder and CEO of OneRep

Companies go to great lengths to protect their top executives. Keeping them safe, healthy and happy so they can perform their duties without unnecessary distractions is critical for the productivity of the company. At one time, executive protection meant providing bodyguards and secure transit, and fortifying executive offices against external threats. As more executives work from home, efforts have extended to bolstering home defense systems.

Still, there’s a missing element. In today’s digital world, it’s also necessary to protect executives online. That should include protecting their personal data.

Executives have access to some of the company’s most sensitive information, and they’re increasingly being targeted by hackers looking to steal company secrets or to perpetrate cybercrimes.

Personal data provides fuel for these crimes. Digital data warehouses store all kinds of details about all of us. It used to be just addresses, phone numbers, aliases, and relatives. Now, it’s far more detailed information such as political affiliation, names of neighbors, resting heart rate, and even Amazon wishlists.

All this data is collected legally by companies. Every time you interact with a computer–be that via a smart device, a bar code at checkout or on a website–data about you is being collected. In the U.S. there is essentially no limit to the amount of data companies can collect, and few limits on how they can use it.

Cyber Attacks Against Executives: Phishing, Whaling, and More

Most data can be sold to anyone who will pay for it–including bad actors. They can use it to personalize their workplace phishing attacks and business email compromise schemes to make them more effective. Executives are particularly at risk for “whaling” attacks, where a criminal impersonates an executive via email or another means of communication and asks the target for money and/or information.

A successful whaling attack can be quite lucrative, since executives have a lot of credibility and power. In one such attack, a Mattel finance executive sent $3 million to a fraudster impersonating the company’s CEO. With the possibility of such large payouts, criminals will go to considerable effort to use personal details that make their requests compelling and believable.

Executives also face risks from social media, where they are more visible and accessible than ever before. This can be great for brand-building and engagement. Unfortunately, it also puts them at risk of harassment or worse from a variety of bad actors, both online and in real life.

This can come from dedicated customers or fans who are unsatisfied with a product or service. For example, in 2022, Strauss Zelnick, the CEO of Nasdaq-listed video game developer Take Two Interactive, was forced to lock his Twitter account after being bombarded by a wave of harassment from customers dissatisfied with the latest Grand Theft Auto game.

It can also come as a result of taking a stand–or not taking a stand–on social issues. Gone are the days when staying neutral was the preferred corporate strategy. According to research from Accenture, customers are increasingly aligning their spending with their values. They demand to know where companies stand on issues that matter to them. Executives are expected to “walk the walk” and stand for the company’s values. But one false move can place them in the crosshairs of cancel culture and harassers can quickly descend.

This kind of harassment, while still very upsetting for the individuals involved, can at least be somewhat anticipated and crisis communications strategies can be at the ready. But threats to executives can also arise unexpectedly when a company is caught in the cross currents of the news cycle.

For example, after the contentious 2020 election, figures ranging from the head of strategy and security at Dominion Voting systems to the CEO of social media app Parler were forced to go into hiding with their families after receiving death threats when their personal information as well as that of their family members was leaked by hackers.

These scenarios don’t even include the possibility of threatening behavior from a disgruntled or terminated employee. In a turbulent economic environment like the one we are navigating now, this issue may come into the foreground as executives grapple with layoffs and cost-cutting measures.

This doesn’t just happen to executives at big companies or celebrity CEOs. Anyone who is involved in making decisions that can impact other people’s lives, contradict their political views or offend their values can become a target.

The effects are devastating. Researchers are just beginning to understand the impact of online harassment, but it appears to be very similar to other types of trauma. Victims might have difficulty concentrating and making decisions. They might experience increased levels of anxiety and even paranoia. They might come to fear opening messages or looking at their devices. Many individuals have even had to change jobs or alter their daily routines because of cyberstalking and harassment.

How to Protect Executive Data Privacy

Clearly, none of this is optimal for executive productivity. But it affects more than their own well-being: it can deplete the morale of the company as a whole and ultimately affect a company’s bottom line.

The good news is that there are steps that companies can take to protect their executives, their families and their organizations. It starts with educating them about the threats, and the fact that they are possible targets. Like the general public, executives can avoid oversharing personal information on social media.

They can protect their web browsing by using browser extensions to block trackers. They can maintain strong passwords, use a separate email address for sensitive activities, and be on high alert for any suspicious-sounding communications.

They can also remove their data from people search sites that publish it. There are currently over 190 of these sites. Data from my company, OneRep, shows that the average person has data records on 46 of them.

People search sites are legally required to remove your information on request, but they aren’t legally required to make it easy for you to submit that request. Few people, least of all executives, have the time to approach 46 sites and request their data be removed. Even if they could, it’s a Sisyphean task. Our data shows that much of this information resurfaces within four months–when they get their next data dump from their data broker.

Fortunately, there are technology companies that can comb all the people search sites, locate your records, and automate the removal process. They also provide continued monitoring and removal of your data should it reappear.

The proliferation and widespread availability of personal data is dangerous for public-facing executives, their families and their companies. Companies understandably prioritize protecting the physical safety of top executives, but in today’s polarized, always-on world, keeping executives safe online is also imperative. It’s a small investment that pays dividends in peace of mind.

Author Bio:

Dimitri Shelest is a tech entrepreneur and the CEO at OneRep, a privacy protection company that removes public records from the Internet. Dimitri is an avid proponent of privacy regulation framework and likes to explore cybersecurity and privacy issues as a writer and reader on various platforms.

The post One Overlooked Element of Executive Safety: Data Privacy appeared first on Cybersecurity Insiders.

Email is a vital communication tool for organizations across industries but also serves as a primary attack vector for cybercriminals. To put this in perspective, over 376 billion emails are sent every single day. And according to Verizon, over 90% of malware is delivered via email.

To combat this rapidly evolving threat landscape, organizations must proactively address email security challenges. This e-guide offers an in-depth understanding of the email security landscape, actionable guidance on implementing and maintaining robust email security solutions, and an overview of leading email security solutions including Abnormal Inbound Email Security, Check Point Infinity Mail Protection, Cisco Email Security, Cofense Intelligent Email Security, Forcepoint Email Security, Fortinet FortiMail, Fortra’s Advanced Email Security, Libraesva Email Security, Mimecast, OpenText Cybersecurity: Webroot Advanced Email Threat Protection, Proofpoint Threat Protection Platform, Red Sift’s Digital Resilience Platform, Sophos Email Security, Trellix Email Security, and Trend Micro Email Security.

Understanding the Email Security Landscape

A thorough understanding of the latest email security trends and challenges is essential for organizations to defend against emerging threats. This section delves deeper into the most common and emerging email security trends, explaining their nature and significance and providing insights into each trend.

Latest email security trends

  • Phishing and spear-phishing attacks: Phishing is a type of social engineering attack where cybercriminals use deceptive emails to trick recipients into divulging sensitive information or downloading malware. Spear-phishing is a more targeted form of phishing, where attackers personalize their approach to increase their chances of success. Organizations must monitor for new phishing tactics, train employees to recognize them, and implement advanced email filtering solutions.
  • Ransomware attacks via email: Ransomware is a type of malware that encrypts an organization’s data, holding it hostage until a ransom is paid. Email is a primary delivery method for ransomware attacks, with attackers using malicious attachments or links to infect systems. Organizations must prioritize email security measures that block malicious attachments, educate employees about ransomware threats, and establish robust data backup and recovery processes.
  • Business Email Compromise (BEC) attacks: BEC scams involve cybercriminals impersonating high-ranking executives to manipulate employees into transferring funds or revealing sensitive information. These attacks often rely on social engineering tactics and email spoofing. Recognizing the prevalence of BEC scams helps organizations prioritize executive training and secure email practices to minimize the risk of financial loss and data breaches.
  • Insider threats: Insider threats arise from employees accidentally or intentionally causing security breaches by mishandling sensitive information. These breaches can result from human error, malicious intent, or inadequate security training. Acknowledging the potential for internal security breaches highlights the importance of proper employee training and access control measures.
  • Supply chain attacks: In supply chain attacks, cybercriminals target third-party vendors to access sensitive information of their clients. These attacks can compromise email security by exploiting vulnerabilities in vendor systems or by using vendor credentials to launch phishing or BEC attacks. Understanding the risk of supply chain attacks allows organizations to assess and monitor the security of their entire supply chain.
  • Increase in remote work: The COVID-19 pandemic has led to a shift in work patterns, with more employees working remotely and relying heavily on email communication. This shift has increased the attack surface and highlighted the need for robust email security measures, including secure remote access solutions and employee training on secure email practices.

Implementing and Maintaining Effective Email Security Solutions

In this section, we will explore some of the most important email security best practices, including employee training and awareness, anti-spam and anti-phishing filters, email authentication protocols, multi-factor authentication (MFA), secure email gateway (SEG), email encryption, monitoring and logging email activity, email security policies, and incident response planning. By implementing these solutions and practices effectively and keeping them up-to-date, organizations can significantly reduce the risks associated with email-based attacks and ensure that their email environments remain secure.

  • Employee training and awareness: Educating employees about email security best practices, emerging threats, and how to identify phishing emails is crucial for minimizing human error. Regular training sessions and simulated phishing exercises can help employees stay vigilant and recognize potential threats. For example, organizations can use platforms like KnowBe4 to create realistic phishing simulations and assess employee responses, allowing them to identify areas where additional training may be needed.
  • Anti-spam and anti-phishing filters: Deploying advanced anti-spam and anti-phishing filters is vital for identifying and blocking malicious emails before they reach users’ inboxes. These filters utilize machine learning algorithms to analyze email content and detect phishing attempts, reducing the risk of successful attacks. For instance, solutions like Mimecast’s Secure Email Gateway provide sophisticated filtering options, including real-time scanning, URL rewriting, and impersonation protection.
  • Email authentication protocols: Implementing email authentication protocols, such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance), helps prevent spoofing and ensures the integrity of email communications. These protocols validate the sender’s identity and verify that the email has not been tampered with during transit. For example, implementing DMARC can significantly reduce the risk of BEC attacks by allowing recipients to verify that the email originates from the purported sender’s domain.
  • Multi-factor authentication (MFA): MFA is a security measure that requires users to provide multiple forms of identification to access email accounts and other sensitive systems. By adding an extra layer of security, MFA makes it more difficult for attackers to gain unauthorized access. For example, Google Workspace offers a built-in MFA feature that allows users to authenticate using a combination of their password and a one-time code sent to their mobile device or generated by an authenticator app.
  • Secure email gateway (SEG): Implementing an SEG to inspect and filter inbound and outbound email traffic for threats, such as malware, phishing, and spam, is essential. SEGs play a crucial role in maintaining email security by blocking malicious emails before they reach users’ inboxes. For example, Barracuda Essentials is a cloud-based SEG that provides advanced threat protection, data loss prevention, and email archiving capabilities.
  • Email encryption: Encrypting sensitive emails protects the confidentiality of their contents during transit and storage. Email encryption helps prevent unauthorized access to sensitive information, reducing the risk of data breaches. For instance, ProtonMail is an email service that offers end-to-end encryption, ensuring that only the intended recipient can decrypt and read the email content.
  • Monitoring and logging email activity: Regularly monitoring and logging email activity helps detect anomalies and potential security incidents. Monitoring and logging are essential for early detection and remediation of email security breaches. For example, Splunk can be used to collect and analyze email logs, generating real-time alerts when unusual activity is detected.
  • Email security policies: Establishing and enforcing clear email security policies guides employees’ behavior and sets expectations for secure email practices. Well-defined policies are critical for maintaining a strong security culture within the organization. These policies should cover topics such as password requirements, data handling, email attachments, and reporting suspicious activity.
  • Incident response planning: Developing and maintaining an incident response plan for email security incidents ensures a swift and effective response to minimize damage and prevent future attacks. A robust incident response plan is vital for managing and mitigating the impact of email security breaches. The plan should include clear roles and responsibilities, communication channels, and a process for reporting, investigating, and remediating security incidents.
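The email authentication bullet above depends on what a domain actually publishes in DNS. As an added example (not from the original guide or any vendor), the sketch below audits SPF and DMARC TXT record strings for settings that still let spoofed mail through. The record strings are constructed samples and the finding names are illustrative.

```python
import re

# Terms that each cost one DNS lookup; RFC 7208 caps the total at 10.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}


def audit_spf(record):
    """Return a list of findings for one SPF TXT record string."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not-an-spf-record"]
    findings, lookups, all_qualifier, has_redirect = [], 0, None, False
    for term in terms[1:]:
        t = term.lower()
        qualifier = t[0] if t[0] in "+-~?" else "+"   # "+" (pass) is the default
        name = re.split(r"[:/=]", t.lstrip("+-~?"), maxsplit=1)[0]
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "ptr":
            findings.append("ptr-mechanism-discouraged")
        if name == "redirect":
            has_redirect = True
        if name == "all":
            all_qualifier = qualifier
    if all_qualifier in ("+", "?"):
        findings.append("all-does-not-reject-unlisted-senders")
    elif all_qualifier == "~":
        findings.append("softfail-only")
    elif all_qualifier is None and not has_redirect:
        findings.append("no-all-mechanism")
    if lookups > 10:
        findings.append("exceeds-10-dns-lookups")
    return findings


def parse_tags(record):
    """Split a DMARC record ("tag=value; tag=value") into a dict."""
    tags = {}
    for item in record.split(";"):
        if "=" in item:
            key, value = item.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def audit_dmarc(record):
    """Return a list of findings for one DMARC TXT record string."""
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        return ["not-a-dmarc-record"]
    policy = tags.get("p", "").lower()
    if policy not in STRENGTH:
        return ["missing-or-invalid-policy"]
    findings = []
    if policy == "none":
        findings.append("policy-none-monitoring-only")   # spoofed mail is still delivered
    sub_policy = tags.get("sp", policy).lower()           # sp defaults to p
    if STRENGTH.get(sub_policy, 0) < STRENGTH[policy]:
        findings.append("subdomain-policy-weaker")
    pct = tags.get("pct", "100")
    if policy != "none" and pct.isdigit() and int(pct) < 100:
        findings.append("policy-applies-to-partial-traffic")
    if "rua" not in tags:
        findings.append("no-aggregate-reports")
    return findings


# Constructed sample records (weak setting beside a corrected one).
WEAK_SPF = "v=spf1 include:_spf.mail.example +all"
GOOD_SPF = "v=spf1 ip4:192.0.2.0/24 include:_spf.mail.example -all"
WEAK_DMARC = "v=DMARC1; p=none"
GOOD_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"

if __name__ == "__main__":
    for label, result in [("SPF weak", audit_spf(WEAK_SPF)), ("SPF good", audit_spf(GOOD_SPF)),
                          ("DMARC weak", audit_dmarc(WEAK_DMARC)), ("DMARC good", audit_dmarc(GOOD_DMARC))]:
        print(label, result)
```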

Selecting the Right Email Security Solution for Your Organization

Choosing the right email security solution is crucial for safeguarding your organization’s email environment effectively. This section discusses the process and decision criteria for selecting the most suitable email security solution based on an organization’s specific needs. Additionally, typical organization profiles are outlined, along with the ideal email security solutions for each.

Process and Decision Criteria

Selecting the right email security solution is a critical decision for any organization. With so many vendors and solutions available, it can be challenging to determine which one is best suited for your organization’s needs. In this section, we will discuss the process and decision criteria for selecting an email security solution.

  • Assess your organization’s needs: Begin by evaluating your organization’s unique requirements, including the size, industry, and regulatory environment. Consider factors such as the volume of email traffic, sensitivity of the data being handled, and the potential impact of email security breaches.
  • Identify key features: Determine the key features your organization needs in an email security solution. These may include advanced threat protection, data loss prevention, email encryption, archiving, and compliance management.
  • Evaluate vendor offerings: Research and compare the offerings of various email security vendors, taking into account the features, performance, ease of use, and integration with existing systems. Consider the vendor’s reputation, customer support, and expertise in the field.
  • Prioritize usability and scalability: Look for solutions that are user-friendly and easy to deploy, manage, and maintain. Ensure that the solution can scale to meet your organization’s needs as it grows and evolves.
  • Estimate total cost of ownership (TCO): Analyze the overall cost of the solution, including initial investment, ongoing maintenance, and any potential hidden costs. Consider the potential cost savings from reduced risk and improved productivity.
  • Test and validate: Request product demonstrations or trial periods from vendors to evaluate the solution’s effectiveness and compatibility with your organization’s existing infrastructure.
  • Consult with stakeholders: Involve relevant stakeholders in the decision-making process, including IT, security, legal, and compliance teams, to ensure the chosen solution meets everyone’s requirements.

Typical Organization Profiles and Ideal Email Security Solutions

When it comes to email security solutions, one size does not fit all. Different organizations have different needs based on their size, industry, and regulatory requirements. Small and medium-sized businesses, large enterprises, and organizations using cloud-based email services all have unique requirements for protecting their email environments. In this section, we’ll explore typical profiles of organizations and the ideal email security solutions that meet their specific needs.

  • Small businesses (<250 employees): Small businesses generally have limited budgets and IT resources, making it essential for them to choose affordable, easy-to-use email security solutions that provide basic threat protection features. Cloud-based email security solutions, such as Microsoft Defender for Office 365 or Sophos Email Security, are well-suited for small businesses due to their cost-effectiveness, ease of deployment, and management simplicity. These solutions offer essential features, including anti-spam, anti-phishing, and basic malware protection, to keep small businesses secure without overwhelming their IT resources.
  • Mid-sized organizations: As organizations grow, their security requirements become more complex. Mid-sized organizations need comprehensive email security solutions that provide advanced threat protection, data loss prevention, and email encryption. Solutions like Mimecast, Barracuda Essentials, or Trend Micro Email Security offer a good balance between advanced features and ease of use. These solutions are capable of handling larger email volumes and addressing more sophisticated threats like targeted phishing attacks, ransomware, and email impersonation.
  • Large enterprises: Large enterprises with extensive email traffic and complex security requirements need robust, scalable email security solutions offering a wide range of features. These include advanced threat protection, data loss prevention, email encryption, compliance management, and integration with other security solutions. Solutions like Proofpoint, Cisco Email Security, or Symantec Messaging Gateway are ideal for large organizations due to their high-performance capabilities, extensive threat intelligence, and adaptability to the organization’s existing infrastructure.
  • Highly regulated industries: Organizations operating in industries with strict regulatory requirements, such as finance, healthcare, or government, need email security solutions that provide strong compliance management and data protection features. Solutions like Forcepoint Email Security or Fortinet FortiMail offer advanced data protection and compliance management capabilities, including email encryption, archiving, and detailed reporting features. These solutions help organizations adhere to industry-specific regulations, such as HIPAA, GDPR, or SOX, by ensuring sensitive information is protected and well-managed.
  • Remote or distributed workforce: Organizations with a remote or distributed workforce need email security solutions that can be accessed and managed from anywhere, while still providing comprehensive protection. Cloud-based email security solutions like Mimecast, Barracuda Essentials, or Trend Micro Email Security are ideal for these organizations, as they offer remote management capabilities and can be deployed quickly across multiple locations.
  • Education sector: Educational institutions require email security solutions that protect against a wide range of threats while being cost-effective and easy to manage. Solutions like Cisco Email Security or Microsoft Defender for Office 365 offer essential features such as anti-spam, anti-phishing, and malware protection, as well as more advanced features like data loss prevention and integration with other security tools commonly used in educational settings.

By understanding the unique needs and challenges of different organization profiles, decision-makers can choose the ideal email security solution tailored to their specific requirements. This ensures a secure email environment and protects the organization from cyber threats while being mindful of budgetary constraints and the organization’s existing infrastructure.

Popular Email Security Vendors

Selecting the right email security solution is crucial for protecting your organization’s email environment. This section provides an overview of some of the leading email security vendors and their respective strengths:

Abnormal Inbound Email Security: Abnormal, a Gold Cybersecurity Excellence Award recipient in 2023, offers leading-edge inbound email security solutions. Known for its AI-driven detection and prevention capabilities, Abnormal stands out for providing real-time, automated response to threats. This approach allows for efficient, proactive defense against email threats, making it a prime choice for medium to large businesses seeking advanced automation. Learn more at: https://www.abnormalsecurity.com

Check Point Infinity Mail Protection: Check Point’s solution stands out with its Infinity architecture, delivering a unified, cloud-based email security solution. Notable for its advanced threat detection and prevention capabilities, Infinity Mail Protection excels at tackling phishing, ransomware, and APT attacks. The integrated approach makes it a solid choice for organizations seeking cohesive security infrastructure. Discover more at: https://www.checkpoint.com/products/email-security-software-blade/

Cisco Email Security: Cisco provides diverse email security solutions, offering both cloud-based and on-premises deployments. With advanced threat protection capabilities and seamless integration with other Cisco security products, Cisco stands out for its scalable solutions and a broad product ecosystem. Its solution is best suited for larger organizations with complex security needs. Discover more at: https://www.cisco.com/c/en/us/products/security/email-security/index.html

Cofense Intelligent Email Security: Honored with a Silver Cybersecurity Excellence Award in 2023, Cofense provides intelligent email security solutions. Its platform stands out for its focus on phishing-specific threats and its user-awareness training tools, educating users to recognize potential threats. This blend of technology and education makes Cofense a suitable choice for organizations of all sizes that prioritize employee training. Visit: https://www.cofense.com

Forcepoint Email Security: Forcepoint offers both cloud-based and on-premises email security solutions with advanced threat protection, data loss prevention, and email encryption. Its flexible deployment options and strong threat intelligence capabilities make it a reliable choice for businesses of all sizes that require adaptable security solutions. Visit: https://www.forcepoint.com/product/content-security/forcepoint-email-security

Fortinet FortiMail: Fortinet’s email security platform, FortiMail, stands out with its high-performance email filtering, data loss prevention, and protection against spam, phishing, and malware. Its tight integration with other Fortinet security products makes it an excellent choice for organizations already using Fortinet’s suite of security solutions, particularly medium to large enterprises. Learn more at: https://www.fortinet.com/products/email-security/fortimail

Fortra’s Advanced Email Security: Fortra, a 2023 Gold Cybersecurity Excellence Award winner, offers a high-performance email security solution. Its platform distinguishes itself with advanced AI-driven threat protection, making it a standout choice for organizations seeking cutting-edge security technology, particularly those in high-risk sectors like finance and healthcare. Discover more at: https://www.fortra.com

Libraesva Email Security: Libraesva, a Gold Cybersecurity Excellence Award recipient in 2023, offers comprehensive email security solutions. Known for its advanced threat protection and seamless integration capabilities, Libraesva is unique in its strong emphasis on combating email fraud. This focus makes it an ideal choice for organizations operating in sectors where email fraud is a significant concern. Visit: https://www.libraesva.com

Mimecast: Mimecast’s cloud-based email security platform stands out with its comprehensive protection against phishing, spam, and malware. In addition to this, it provides email archiving and continuity services. Known for its ease of use and seamless integration with popular email platforms, Mimecast is well-suited for medium to large organizations that prioritize ease of use and robust security features. Learn more at: https://www.mimecast.com/products/email-security/

OpenText Cybersecurity: Webroot Advanced Email Threat Protection: As a Gold Award winner in the 2023 Cybersecurity Excellence Awards, OpenText’s Webroot offers advanced email security solutions. Its unique approach to threat intelligence and comprehensive protection against phishing, spam, and advanced threats make it a reliable choice for organizations that place a premium on advanced threat intelligence, particularly mid to large-scale enterprises. Discover more at: https://www.webroot.com

Proofpoint Threat Protection Platform: A Gold Award Winner in the 2023 Cybersecurity Excellence Awards, Proofpoint’s comprehensive platform stands out for its focus on people-centric security. It offers advanced threat protection, targeted attack prevention, and integrated response capabilities. This platform is an excellent fit for larger organizations that need to protect high-risk users from advanced threats. Explore more at: https://www.proofpoint.com

Red Sift’s Digital Resilience Platform: As a Gold Award Winner in the 2023 Cybersecurity Excellence Awards, Red Sift offers an email security solution that is part of their digital resilience platform. This platform stands out with its holistic approach to security, not only securing emails but also providing insight into the broader security landscape. It’s an excellent choice for businesses of all sizes, particularly those seeking a comprehensive view of their digital security. Learn more at: https://www.redsift.com

Sophos Email Security: Sophos offers a powerful email security solution that stands out with its use of AI to detect and respond to email threats. In addition, its intuitive management dashboard provides a simplified user experience. These features make it a strong option for small to medium businesses looking for a balance of advanced technology and ease-of-use. Visit: https://www.sophos.com/en-us/products/email.aspx

Symantec Email Security: Symantec, a division of Broadcom, provides a comprehensive email security solution that offers strong threat protection capabilities, data loss prevention, and email encryption. Symantec’s strength lies in its global intelligence network, providing real-time threat information to ensure robust defense against emerging threats. This makes it an ideal choice for large enterprises and industries facing a high volume of targeted attacks. Learn more at: https://www.broadcom.com/products/cyber-security/email

Trellix Email Security: A 2023 Gold Cybersecurity Excellence Award winner, Trellix provides a powerful email security solution. Trellix’s unique offering is its focus on proactive threat hunting and response, providing an added layer of security over reactive solutions. This approach makes it a suitable choice for medium to large enterprises that require advanced, proactive email security measures. Visit: https://www.trellix.com

Trend Micro Email Security: Trend Micro offers an advanced email security solution that uses machine learning to block a wide range of threats. In addition, its focus on protecting against business email compromise (BEC) sets it apart from many competitors. Its powerful yet user-friendly platform makes it a great fit for organizations of all sizes, particularly those seeking strong defenses against BEC. Explore more at: https://www.trendmicro.com/en_us/business/products/user-protection/sps/email-and-collaboration/email-security.html

By evaluating these email security vendors and their respective strengths, organizations can select the solution that best meets their specific needs and requirements, ensuring a secure email environment.

Conclusion

In today’s digital landscape, email security is more important than ever. Organizations must prioritize email security by staying up-to-date with the latest trends, understanding the nature of threats, and implementing robust email security solutions to mitigate risks. Employee training, advanced threat protection, email authentication protocols, and continuous monitoring are all critical components of an effective email security strategy.

This e-guide has provided insights into the latest email security trends and challenges, actionable guidance on implementing and maintaining email security solutions, and an overview of the top email security vendors. By utilizing this information, you can take the necessary steps to protect your email environment from cyber threats and maintain a secure communication infrastructure.

The post Email Security in 2023 – An Insiders Guide to Best Practices & Top Vendors appeared first on Cybersecurity Insiders.

By Steven Spadaccini, VP Threat Intelligence, SafeGuard Cyber

In 2022, cybersecurity further became a top priority for businesses around the world following critical attacks on both the public and private sectors and of course, the use of cyber warfare as a Russian tactic in its invasion of Ukraine.

This year, organizations have spent significant time and resources attempting to mitigate the risks associated with Business Communication Compromise, including phishing attacks and Personally-Identifiable Information leakages.

In 2023 we will see malicious actors increase the frequency of and escalate tactics and techniques around communication. Below are my top 5 predictions for Business Communication Compromise in 2023.

1 – The death of email: Modern workforces will continue to choose unsecured communications channels – If an employee feels like their security and compliance solution is curtailing their freedom to communicate effectively and efficiently, chances are they’ll find another way to circumvent the process and monitoring tools. According to a 2022 Business Communication Report, 45 percent of business communication happens in digital channels outside of email. This is a trend that will escalate in 2023.

Digital natives in particular are still not open to completely following cybersecurity protocol for various reasons, and frequently communicate via channels outside of email. Those reasons include:

  • The security protocol slows tasks and operation progress with long, tedious authentication processes.
  • It hinders productivity by restricting access to documents and data that teams/individuals might need to complete a task.
  • Constant monitoring induces anxiety and raises stress levels because of the feeling of “being watched.”
  • Privacy seems moot when your security solution flags every message on your platform and sends them to an IT security personnel for evaluation.

2 – LinkedIn becomes the most prevalent non-corporate communication channel for data leakage due to new jobs on the market and the recession – Increased layoffs across the globe will lead to job seekers utilizing messaging channels to communicate with potential employers, specifically LinkedIn messenger. Departing employees are far more likely to share critical information and data about their former employer in these communications. In many cases, job seekers will be looking for similar positions and will believe that sharing specific data from their former company will give them a leg up in landing their next gig.

3 – 2023 will see an increase in email phishing campaigns that lead to Third-Party Supply Chain ransomware attacks against enterprise Slack or Teams platforms – Phishing attacks are becoming more collaborative and span multi-channel communications. An attacker will need to impersonate several communication platforms in order to gain trust from the target. Attackers are looking for any way into an organization and are becoming better at language-based attacks that travel across communication channels, making it easy to deliver ransomware in unmonitored collaboration applications.

4 – Attackers will use credentials acquired from the dark web to infiltrate a corporate communication channel like Zoom or Slack for a major financial institution, which will lead to compromising data about executives within the organization – Once an attacker obtains credentials, they will log into a corporate channel that is not monitored and will be able to operate within it for hours unnoticed. This gives them ample time to observe and/or exfiltrate sensitive data. A similar real-world example occurred in September when an attacker compromised an Uber employee’s credentials and then revealed themselves in the corporate Slack channel. In 2023 there will be a direct correlation between compromised accounts, whether stolen or sold, and attacks on organizations through minimally observed communication channels.

5 – Corporate attacks and breaches through targeted personal communications go mainstream and drive tension between employees and employers – Social engineering attacks originating in employee-owned communication channels are highlighted in the news on a weekly basis. Cyber criminals are targeting high-value employees on LinkedIn, Telegram & WhatsApp to infiltrate enterprises. Employers are struggling to enforce mandates and policies but will have to weigh the risk vs. rewards. The contention between personal privacy and the corporate visibility needed to protect organizations will see its first class-action suit, testing the boundaries of employee mandates and corporate control in legal settings.

Looking Ahead

As we look ahead to the new year, here are a few things that businesses need to consider in order to avoid the ramifications of Business Communication Compromise.

  • Ensure Visibility Across All Communication Channels
    • Reducing the risk present in business communication tools begins with visibility. You can’t protect your organization from attacks you can’t see.
  • Implement Robust Detection Capabilities
    • Once monitoring is in place, detection capabilities must be added to all communication channels. This must include the ability to detect the context and intent of human communications, since many of today’s attacks involve more sophisticated social engineering techniques that are difficult to detect using traditional signature-based tools.
  • Integrate Response Actions to Block Attacks
    • With monitoring and detections in place, the final step to protecting against sophisticated BCC attacks is to add integrations with communication channels and IAM solutions to allow rapid response. This must include manual actions that security personnel can initiate, as well as automated actions when threat levels are high and/or risk to the business is significant.

The post Business Communication Compromise (BCC) Predictions for 2023 appeared first on Cybersecurity Insiders.

If your email account gets hacked, the first thing to do is to contact the email service provider and inform them of the compromise. You can use the security question set at the time of registration to regain control of the account through the provider’s recovery procedure.

Since an email compromise can lead to identity theft, watch for other account takeovers, as people use the same username and password across all the services offered by a single provider. With Google, for example, one account compromise can leak data from Drive, Gmail, photos, videos and more.

Once you regain control of the compromised account, check which devices are connected to it and whether all of them belong to you, such as a smart TV or smartphone.

The very first thing to do is to change the password as quickly as possible, using an alphanumeric password tucked between one or two special characters. Better still, make the password well over 12 characters long.

Notify those on your contact list that the account was compromised on a specific date, and ask them to ignore the content and subject lines of any mail they received from it after that date.

Enable 2FA, using a smartphone, a physical key or a printed code to get access to the account.

Deploy a security solution on the device and enable an automated scan once a day, or at least once a week.

Monitor your social media accounts and banking transactions, as email compromise can also lead to other issues.

 

The post What to do if an email account gets hacked appeared first on Cybersecurity Insiders.

Email has a lot going for it. It’s quick, easy, and incredibly widely used. However, just like every other remote form of communication, it faces a glaring challenge. How can an email recipient be absolutely sure that the email is from who it says it’s from?

Welcome to the world of email spoofing. Thankfully, there are some simple techniques you can adopt to fight it. Let’s dive in. 

What is email spoofing?

Email spoofing is what happens when, in a phishing attack, an email appears to be from somebody it actually isn’t from. What has happened is that a fraudster has forged the email header so that the receiving server mislabels the email’s sender. 

The receiver then gets the email and thinks that they know the sender. As a result, they are more likely to treat the message content with a degree of trust than they would otherwise. Where this ends can mean data breaches or even corporate funds being appropriated. 

So, it’s serious. The phishing that’s often associated with email spoofing is rising at a phenomenal rate. 

Why is email so vulnerable to spoofing? The main reason lies in the limitations of the actual process used to send emails. SMTP (Simple Mail Transfer Protocol) doesn’t have the facility to check that the sender’s identity is actually genuine. 

So, if somebody wants to send a spoof email, all they have to do is to find one of the many free SMTP services that are available online. Then, they can create the message, and input the desired address in the From box. That’s it. No, email spoofing is not the exclusive realm of criminal masterminds, using hi-tech banks of computers and hardware like an IBM AS 400 mainframe.

There are even dedicated email spoofer programs available. So a would-be email spoofer’s work is basically done for them. 

You may be thinking to yourself ‘Ah – but if the hacker inputs a fraudulent email address in the From box, then surely any replies will go to that address rather than the hacker’s. What’s the point in that?’

This is the reason why the message itself will have links within it that the recipient is strongly urged to click on. Enticements might be positive (‘Click to win!’) or negative (‘Follow this link to stop your car insurance from going through the roof’). Whatever they are, they tend to work. 60% of security professionals report that their organizations have lost data thanks to a phishing attack. 

So, it’s clearly a major problem with enormously damaging potential consequences. What can be done about it? An increasingly important source of help is the government. For instance, in the UK, the National Cyber Security Centre has launched an Email Security Check service to combat the problem of email spoofing. 

This aside, there are plenty of ways you can help yourself. 

1. Check the address

Although the identity may be fraudulent, the actual address that’s in the mail-to box will be authentic. In other words, look beyond the stated identity to see the blahblah@blahblah.com address. Be alert for real addresses that ape respectable ones, like g00glehelp@gmail.com.

Check things like domain extensions. For instance, if you’re dealing with Australian companies, they’re likely to have Aussie domain names. If not, a closer inspection might be warranted. 

Gmail users have a powerful weapon here. You can open the email, then click on the drop-down under the sender’s name. This will reveal information about the sender’s address as well as a signed-by field. Other email servers will have this information available in their own ways. 

If this all looks consistent, the chances are you’ve received a legitimate email. This is because it’s passed SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) verification protocols. These are security techniques put in place by the server. 

See below for further details on these and other software means of verification. 
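The manual check described in this step can also be run over a message's raw headers. The following is an added example, not part of the original article: it compares the display name with the real From address and reads the SPF, DKIM and DMARC verdicts your own mail server recorded in the Authentication-Results header. The server id `mx.recipient.example`, the sample messages and the finding names are constructed assumptions, and the domain-alignment test is simplified.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.recipient.example"   # assumption: id stamped by our own inbound server


def domain_of(value):
    """Domain part of an address, or the value itself if it is already a domain."""
    return value.rsplit("@", 1)[-1].strip("<>").lower()


def aligned(candidate, from_domain):
    """Simplified relaxed alignment: equal, or one is a subdomain of the other.
    Production code compares organizational domains using the Public Suffix List."""
    c, f = candidate.lower(), from_domain.lower()
    return bool(c and f) and (c == f or c.endswith("." + f) or f.endswith("." + c))


def parse_auth_results(msg):
    """Collect {method: [(result, props), ...]} from trusted headers only."""
    out = {}
    for raw in msg.get_all("Authentication-Results", []):
        text = re.sub(r"\([^()]*\)", " ", str(raw))      # drop parenthesised comments
        parts = [p.strip() for p in text.split(";")]
        if not parts[0] or parts[0].split()[0].lower() != TRUSTED_AUTHSERV:
            continue                                      # a sender can add this header too
        for part in parts[1:]:
            m = re.match(r"(\w+)=(\w+)(.*)", part, re.S)
            if m:
                props = dict(re.findall(r"([\w.]+)=(\S+)", m.group(3)))
                out.setdefault(m.group(1).lower(), []).append((m.group(2).lower(), props))
    return out


def inspect_sender(raw_message):
    """Return a list of findings about who really sent the message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)
    auth = parse_auth_results(msg)
    findings = []
    # The display name is free text; an address shown there proves nothing.
    shown = re.search(r"[\w.+-]+@([\w.-]+)", name)
    if shown and not aligned(shown.group(1), from_dom):
        findings.append("display-name-shows-other-domain")
    # SPF and DKIM only vouch for the From domain when they pass AND align with it.
    spf_ok = any(r == "pass" and aligned(domain_of(p.get("smtp.mailfrom", "")), from_dom)
                 for r, p in auth.get("spf", []))
    dkim_ok = any(r == "pass" and aligned(p.get("header.d", ""), from_dom)
                  for r, p in auth.get("dkim", []))
    if not (spf_ok or dkim_ok):
        findings.append("no-aligned-spf-or-dkim")
    dmarc = [r for r, _ in auth.get("dmarc", [])]
    if not dmarc:
        findings.append("no-trusted-dmarc-result")
    elif "pass" not in dmarc:
        findings.append("dmarc-" + dmarc[0])
    return findings


# Constructed samples. SPOOFED forges the From domain and carries a fake "pass" header.
SPOOFED = """\
Authentication-Results: attacker.invalid; dmarc=pass header.from=example.com
Authentication-Results: mx.recipient.example; spf=pass (ok) smtp.mailfrom=bounce@bulk.example.net;
 dkim=none; dmarc=fail header.from=example.com
From: "Accounts" <accounts@example.com>
Subject: invoice due

Body
"""
LOOKALIKE = """\
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=mailer.example.net; dkim=pass header.d=mailer.example.net; dmarc=pass header.from=mailer.example.net
From: "support@example.com" <g00glehelp@mailer.example.net>
Subject: hello

Body
"""
LEGIT = """\
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=bounce.example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: "Accounts" <accounts@example.com>
Subject: Statement

Body
"""

if __name__ == "__main__":
    for label, sample in [("spoofed", SPOOFED), ("lookalike", LOOKALIKE), ("legit", LEGIT)]:
        print(label, inspect_sender(sample))
```

The lookalike sample passes SPF, DKIM and DMARC for its own domain, so authentication results alone do not confirm that the sender is who the display name claims.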

2. Does it seem out of place?

This might be more of an obvious one, but sometimes the obvious needs to be pointed out. Does the email clash a little with what you would normally expect to receive? 

Say you’re a VoIP engineer, ordinarily engaged in matters related to call routing in Dialpad. If you receive an email concerning how much money there is waiting for you on the other end of just one little click, then you might be somewhat taken aback, and more than a little skeptical. 

3. Try asking

If you receive an email you’re not sure about, there’s nothing wrong with asking for more information. But let’s have a caveat here – make sure to only use the sent-from address. Don’t click on anything in the message itself. 

A further caveat. Let’s say the email looks like it comes from a family member, in which they ask for an emergency loan. You can email them back, asking to see if it’s legitimate. If they reply from their own address saying ‘yeah, cash please!’ then that should be fine, shouldn’t it? Actually, not necessarily. Your family member’s email account may have been hacked. 

In short, by all means ask for more information, but still don’t commit to doing anything fast and drastic. Best bet? Give them a call. 

4. Google it

If you’ve received an email that seems suspicious, put its details into Google. You can just copy and paste the whole message if you like. If it’s a phishing gambit that’s doing the rounds, the chances are it’ll pop up in your SERP. 

If it’s as dodgy as you thought it might be, go back to your email and delete it. And report to your line manager if it happens at work. 

5. Distrust urgency

When you get an email emphatically prompting you to click in order to avoid some dreadful impending misfortune, the chances are it’s a spoofed email. By intoning urgency, the sender is hoping to bypass the recipient’s natural skepticism, encouraging them to stand checkpoints down in the interest of averting disaster. 

There are certain words in the subject line to beware of that are often associated with spoofed emails. These include request, follow-up, business proposal, are you available, invoice due, and, simply, hello.

If the email warns of something like irregular bank account activity, go directly to your account via your usual means. Don’t click on any link in the email. 

It should go without saying that if you’re feeling in any way coerced or manipulated, then you should apply the brakes and report the email to your line manager. 

After all, if it really is an emergency, there’s always the phone. 

6. Look at grammar

If the message claims to be from an authoritative source but they struggle to string a sentence together without glaring typos and grammar issues, it’s time to get suspicious. Typically if senior management are getting paid the big bucks, they should at least be able to spell, so it’s worth double checking.

7. Don’t use the same email account for everything

If you’re just using an address in order to sign up for something but you’re not bothered about subsequent interactions with that business, then use throwaway addresses. This way your primary email address won’t get included on so many mass mailout databases, which means it won’t get so spammed up or spoofed up. 

8. Software solutions

There’s a wide range of verification protocols that you can implement in order to single out spoofed emails. We’ve already mentioned SPF and DKIM, but on top of these there’s also DMARC (Domain-based Message Authentication, Reporting and Conformance) and S/MIME (Secure/Multipurpose Internet Mail Extensions).

Whatever system you use, the idea is that they work automatically, intercepting spoofed emails without you even being aware of the process. 

9. Training

There needs to be an extensive rollout of best practices for detecting email spoofing, just like with all other aspects of cybersecurity. Every user represents a vulnerability that a hacker can exploit, so make sure all your users are as savvy as possible. 

Give them easy-to-remember techniques for spotting spoof emails, and make sure they know what to do if they find something that looks suspicious.

Remember to update them on the latest threats, and carry out tests to see where the vulnerabilities appear to be concentrated. It might be an individual who needs a little more support, or it could be that a high volume of emails leaves a number of employees feeling overwhelmed and hence not capable of proper vigilance.

Staff need to be told that there’s no embarrassment in falling for an attack. After all, studies suggest that CEOs are the worst offenders. The most important thing is to let others know if there has been an incident. 

10. Stopping outgoing spoofing

Obviously, you’re not just going to want to spot spoofed emails coming in. You also want to stop hackers using your business as a means by which they can spoof emails to your customers and partners. If a client expects to receive a consulting report from you, but gets phished after clicking on a spoofed email’s links, they might leave with a negative impression of your company even though you had nothing to do with it. 

Apart from the above software protocols, you can also implement practices such as having clear branding and bold design in use on every official email that a spoofer might find difficult to copy. Branding is, after all, all about authenticity. 

The email newsletter below from the New York Times includes its distinct font and logo which both can help make a potential recipient feel more confident in clicking on the contents of the message. 

Put your business phone number from Dialpad on there too. This way, people can call to check if it’s really you. 
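Whether the software protocols from item 8 actually stop others spoofing your domain (item 10) depends on the SPF and DMARC records you publish. The audit below is an added example, not from the original article; the records are constructed for a hypothetical domain, and fetching them (TXT lookups on the domain and on `_dmarc.<domain>`) is assumed to happen elsewhere.

```python
def parse_tags(record):
    """Turn a 'tag=value; tag=value' DMARC record into a dict with lower-case tag names."""
    pairs = (item.split("=", 1) for item in record.split(";") if "=" in item)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_spf(spf_txt):
    if not spf_txt or not spf_txt.lower().startswith("v=spf1"):
        return ["no SPF record: receivers cannot tell which servers may send for the domain"]
    terms = spf_txt.lower().split()[1:]
    if any(t.startswith("redirect=") for t in terms):
        return []  # policy is delegated to another record; audit that one instead
    alls = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not alls:
        return ["SPF has no 'all' term, so unlisted senders get a neutral result"]
    if alls[0][0] in "+?a":  # '+all', bare 'all' and '?all' never fail an unlisted sender
        return [f"SPF ends in '{alls[0]}', which does not fail unlisted senders"]
    return []  # '~all' (softfail) or '-all' (fail)

def audit_dmarc(dmarc_txt):
    tags = parse_tags(dmarc_txt or "")
    if tags.get("v", "").upper() != "DMARC1":
        return ["no DMARC record: receivers have no policy for mail that fails SPF/DKIM"]
    issues = []
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        issues.append(f"DMARC p={policy or 'missing'}: receivers are asked to take no action")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        issues.append(f"DMARC pct={pct}: policy covers only part of the failing mail")
    return issues

def audit_domain(spf_txt, dmarc_txt):
    """Return the weaknesses that let spoofed mail for this domain reach recipients."""
    return audit_spf(spf_txt) + audit_dmarc(dmarc_txt)

# Constructed TXT records (hypothetical domain example.com).
WEAK = ("v=spf1 include:_spf.example.net ?all",
        "v=DMARC1; p=none; rua=mailto:dmarc@example.com")
STRONG = ("v=spf1 include:_spf.example.net -all",
          "v=DMARC1; p=reject; rua=mailto:dmarc@example.com")

if __name__ == "__main__":
    for name, records in (("weak", WEAK), ("strong", STRONG)):
        print(name, audit_domain(*records))
```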

Conclusion

So, unfortunately spoofing is a lot less funny than it sounds. It can create havoc both with businesses and individuals and is incredibly widespread. 

Thankfully, there are a great many ways we can seek to combat it. Using these techniques, we can be reasonably confident. But we must stay vigilant. Often, the hacker only has to get lucky once to bring catastrophe to your business. Don’t have nightmares though. Just keep your eyes peeled. 

Bio:

Gerard D’Onofrio – Country Manager, Australia, Dialpad

Gerard D’Onofrio is the Country Manager for Dialpad Australia, an AI-equipped business communications solutions platform for better communications at work through features like Dialpad’s enterprise VoIP. Gerard is experienced in discovering world-class developments and turning them into effective business advancements, wherever he goes. He has also written for other domains such as Spa Industry Association and Agility PR Solutions. Here is his LinkedIn.

The post The Case of Email Spoofing: How to Identify And Avoid Email Attacks appeared first on Cybersecurity Insiders.

Microsoft (MS) security teams have recently discovered that threat actors are using OAuth applications to compromise email servers and then use them to spread spam. Already, three of the big companies were targeted by threat actors who use phishing attacks to spread the malicious OAuth application.

OAuth is an open standard for granting an application access to sensitive data. The Windows operating system giant found that the app was being used to connect maliciously to the email server and send spam emails that looked as if they originated from the actual source, but in reality did not.

Concerningly, the Satya Nadella-led company discovered that cyber criminals are exploiting OAuth applications for malevolent purposes such as backdoor propagation, C2C communication, phishing and redirection.

Deploying multifactor authentication (MFA) and conditional access policies will help in mitigating such risks, says the tech giant. Evaluating security default credentials and replacing them with new ones can also bolster the security of Active Directory.

Note: In June 2019, MS officially announced that it would shift away from the Basic Auth scheme, i.e., the HTTP-based auth scheme, from Jan ’23. In August this year it twice reissued a reminder that it would disable basic auth for all its random tenants, as the platform had several security limitations and has now turned obsolete.

 

The post Microsoft discovers OAuth applications being used to compromise email servers appeared first on Cybersecurity Insiders.

Can you remember your first email? Either sending one, or receiving it? I certainly remember explaining to people what email was, and I also remember someone telling me they could live without their email server for “about a month before it becomes a problem”. Can you imagine that now? A month without email? Emails are […]… Read More

The post Email and cybersecurity: Fraudsters are knocking appeared first on The State of Security.