It is estimated that up to 80% of cyber attacks against businesses start with a simple email.
If we think about it, an email message is the easiest and fastest way to send material directly to a victim’s computer or smartphone. Often the first message that starts the attack is not directed at the real target: the attack can, in fact, be aimed at an ordinary employee who, without realizing it, will act as a Trojan horse to hit the real target, usually an important person in the company who is probably protected by stricter (IT) security measures or closer attention.
Attacks can be many and varied, depending on the target and the size of the company. What almost all of them have in common is that the main tool used to carry them out is email.
Types of attacks
Let’s see which are the most common types of email attacks:
- Malware: the attempt to infect the victim’s computer by sending an email message with code or an attachment designed to infect and take control of the user’s PC, the classic computer virus.
Usually, this type of attack is aimed at users who are invited to open and execute the attachment in the message;
- Phishing: email messages that invite the user to perform an action in response to hypothetical problems or data to be confirmed, such as “click here to confirm your current account before it is blocked” or “enter your email address to confirm your identity”.
The goal of these messages is to steal user credentials and then carry out real scams;
- BEC / Impersonation attacks / False CEO scam: these are different names for the same type of scam, i.e. the one in which you receive an email from a person you know who asks you to take an urgent action without asking too many questions. The idea is that if you are an administrative employee and your boss sends you an email asking you to make a bank transfer urgently, you do it because you trust him and that request. The problem is that it was not he who sent you that request but someone pretending to be him.
Types of protection
What should a company do to defend itself against these increasingly widespread dangers?
Let’s start by saying that there is no single security solution: the level of security will be as high as the measures put in place.
- Personnel training: this is the first and most important security measure to be put in place. It consists of explaining to your company staff what the dangers are, how they can arise and how to avoid them. We can safely say that with just this security measure, 50% of email attacks could be repelled.
- Local antivirus: all workstations and users’ devices must be equipped with an excellent antivirus system which, even in the event of human error (for example, opening an infected attachment), intervenes by blocking the infection. Today, in the business environment, this is called Endpoint Protection, that is, the protection of any device (endpoint) in the hands of the user.
- Antispam and Antivirus on the email server: each server or email service, whether it is the company’s own dedicated mail server or that of its provider, must be equipped with an email analysis system to prevent viruses and spam from ending up in users’ mailboxes. These systems are very complex and expensive to manage, so an inexpensive provider or an incorrectly managed dedicated server will certainly offer little protection for its users.
- Dedicated Antispam Gateway: this is an additional service, which can be provided as dedicated hardware, as software to be installed or in the Cloud, and which complements or replaces the protection offered by the provider or by the dedicated mail server.
It offers very high protection (if the chosen service is of good quality), allowing you to increase and customize the level of security against email scams that the company intends to obtain. These products require specific training and several hours of work by a specialized technician to be configured in the best possible way; they are not “do it yourself” services and therefore their license cost can be very high.
Other ways to protect corporate emails
Before even putting in place complex methods to protect your emails, it is good to check that some simple precautions have been taken.
- SPF / DKIM / DMARC: these protocols help make life more difficult for someone who wants to send scam emails using your domain name.
SPF allows you to specify the only IP addresses authorized to send emails from your domain;
DKIM digitally signs the emails you send;
DMARC allows you to define a policy that establishes what the recipient of an email from your domain should do if the SPF and DKIM checks do not pass.
- Sandbox: this is a tool that simulates a PC, where suspicious messages and their attachments are sent and executed to check whether they attempt to perform potentially dangerous or unauthorized operations. It is definitely an additional security measure, but the Sandbox also has drawbacks: the analysis time is in the order of minutes (so downloading an attachment means waiting for some time), and attackers know sandboxes well, to the point of making the “virus” behave differently if it realizes it is in a sandbox.
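The SPF and DMARC checks described in the list above, as an added example that is not part of the original article or of any provider's code: a simplified receiver-side evaluation. The records, the domain example.com, the IP addresses and the function names are constructed for illustration; only the `ip4`/`ip6`/`all` SPF mechanisms and the DMARC `p=` tag are handled.

```python
import ipaddress

def spf_check(record, sender_ip):
    """Evaluate only ip4/ip6/all mechanisms (no include, a or mx lookups)."""
    ip = ipaddress.ip_address(sender_ip)
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in record.split()[1:]:            # skip the "v=spf1" term
        qualifier = term[0] if term[0] in results else "+"
        mech = term.lstrip("+-~?")
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech[4:], strict=False)
            if ip.version == net.version and ip in net:
                return results[qualifier]
        elif mech == "all":
            return results[qualifier]
    return "neutral"                           # nothing matched

def org_domain(domain):
    """Simplification: last two labels. Real DMARC uses the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def dmarc_disposition(record, from_domain, spf, spf_domain, dkim, dkim_domain):
    """Return "pass", or the published policy when neither check is aligned.
    Only the p= tag is read; sp=, pct= and strict alignment are ignored."""
    tags = dict(t.strip().split("=", 1) for t in record.split(";") if "=" in t)
    target = org_domain(from_domain)
    spf_ok = spf == "pass" and org_domain(spf_domain) == target
    dkim_ok = dkim == "pass" and org_domain(dkim_domain) == target
    return "pass" if spf_ok or dkim_ok else tags.get("p", "none")

# Constructed sample records for the placeholder domain example.com
SPF = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"

if __name__ == "__main__":
    # Legitimate server: listed in SPF and the envelope domain is aligned.
    r = spf_check(SPF, "192.0.2.25")
    print(r, dmarc_disposition(DMARC, "example.com", r, "example.com", "none", ""))
    # Spoofed From: SPF passes, but for the sender's own unrelated domain.
    print(dmarc_disposition(DMARC, "example.com", "pass", "bulk.example.net",
                            "fail", "example.com"))
    # Unlisted IP with no DKIM signature: the reject policy applies.
    r = spf_check(SPF, "198.51.100.7")
    print(r, dmarc_disposition(DMARC, "example.com", r, "example.com", "none", ""))
```

The second case shows why DMARC checks alignment: an SPF pass for an unrelated domain does not authenticate the visible From address.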
How to best protect corporate emails
A good starting point is to choose a company email service provider that includes an Email Security system in the service, so that you do not have to worry about adding further suppliers or spending time selecting and installing additional software, with the risk of making fatal errors.
Qboxmail is a business email management service in the Cloud, for companies and resellers. It already includes a complete Email Security solution, which can also be combined with the Email Archiving service.
Qboxmail already includes SPF, DKIM and DMARC and a real-time email traffic log analysis system. The antivirus and antispam part consists of 3 engines to protect against malware, phishing and spam. These are active immediately and require no further configuration. With Qboxmail it is therefore not necessary to add an additional antispam gateway to the service, unlike traditional hosting providers where robust email security measures are not provided.
In addition, there is an Account Takeover Protection system that protects email accounts from credential theft by sending a warning to the user and the system administrator in the event that abnormal access to the service is detected.
You can try Qboxmail FREE for 30 days.