One of my previous blog posts focussed on phishing and what to look out for when using any email platform to protect you from threats from both inside and outside the corporate network. While phishing targets businesses or individuals to reveal sensitive information or to unleash malware on computers or their network, there are other means of obtaining the data that hackers are most interested in.
Take a recent incident when I received an email from an existing contact that looked completely normal. While it came from the sender’s email account, it had an attachment that was marked as an invoice, which puzzled me. The email looked authentic, was well written and had the relevant signatures. During my many years of awareness training, I had been taught to reach out to the contact on a new email to make sure it was them who sent it. Turns out it wasn’t, but they had no visibility of these emails as the hacker had deleted all sent items from their Exchange Online mailbox.
How many other recipients opened the attachment and spread all manner of threats to their own environment? If you aren’t aware of all risks, you are leaving a weak link in your business data protection processes.
Fortunately, there are ways we can try to avoid these email risks, whether someone has managed to get into your email account or you receive emails from those people or from any anonymous contacts pretending to be other people.
Change your password on a frequent basis
Sometimes your IT admin can enforce this, so that you must change your password once every quarter, for example, but on most occasions it is down to the end user to do it themselves. Every time you change your password, a hacker has to start again when trying to guess it, whether through research on you or through something like a brute force attack.
Enable multi-factor authentication
If you use a simple password that you can remember, chances are a hacker will chance upon it! Here’s a list of the 10 most-frequently used passwords by hack victims:
If you are adamant you will forget something more complex, you should consider using multi-factor authentication (MFA). MFA triggers a message via email, text, phone call or app to authenticate your identity. It will give you a code to enter as well as your password. If a hacker knows your password, they will struggle to get past the MFA because the chances of them knowing your password and having your phone at the same time are quite slim!
Office 365 advanced threat protection (ATP)
Even with the most complex set-ups, some emails will still slip through the net, especially if they come direct from a trusted sender with an attachment. With Office 365 ATP within Exchange Online, security engines actively scan email attachments and links within emails to determine whether there is a threat. This also applies to files found within SharePoint and OneDrive for Business.
This up-to-date security tool deals with viruses and malware that could potentially render your machine useless. Mostly seen as a reactive option (due to the delayed scans in which a threat could get to work undetected quite quickly), it is still a good option to have whenever you are reviewing your security processes.
Internet layer protection
Anything that requires an internet breakout will first hit the security perimeter for review and the request either gets blocked or allowed based on passing certain criteria. This protects against nasty threats that call back out to the internet for other malicious software to be downloaded or other functions, like hitting other IP addresses in a botnet attack. The other great feature with this solution is the ability to monitor users’ internet activity to make sure they aren’t putting themselves at risk when visiting untrusted, illegal or non-business focussed websites.
If you are interested in finding out more on MFA for you and your staff, then please contact me directly and we can arrange a call to discuss the options available to you.