It is incredibly important to train staff on how to prevent email security breaches. All sorts of malicious actors are intent on using venerable email networks for their own ends. Hackers occasionally do what they do for political reasons, but your business is probably more vulnerable to a more common kind of hacker – the kind that just wants your cold hard cash and your sensitive data.
The best method of preventing security breaches is to comprehensively train your staff to know the telltale signs of an attempted hack. Here are some of the things that staff should look out for when opening emails.
Unusual Or Unknown Senders
Hackers are not stupid, but they can be rather clumsy in their attempts to compromise security. Staff always need to check the name of the sender before opening an email. If they have received correspondence from the person that the email purports to be from before, they need to make sure that the two emails match exactly. Strange and unknown emails will often be very anonymous sounding – usually just a name with lots of numbers at the end of it. If it doesn’t come from a company domain that is trusted, don’t open it at all.
The senders of phishing emails will often try and replicate the kind of person or business you are used to dealing with. Once staff get to know how the fake addresses look, they will be able to spot them right away.
Poor grammar certainly isn’t just reserved for hackers, but it can be a telltale sign that the person you are being contacted by is not a serious business person. Very good hackers will, of course, have perfect grammar – so, staff should stay on guard even when receiving a well-worded message. Sometimes the grammar in an email will be good, but the wording slightly unusual. This is a red flag.
Prompts For Confidential Data
Some hackers will just straight up let you know what they want: they will include a request for personal data within the email itself. Emails like this will often purport to come from IT help desks or executives working internally within the company. This is a massive red flag. No staff should be in a position where they give away their passwords or company information over email in any circumstances. Email Security platforms offer your company an added layer of protection against these prompts – filtering received emails and weeding out suspicious examples.
Offers Of Information
A classic spear phishing tactic is to offer some useful information at the end of a link. Clicking on the link will install malware or prompt the staff member to give away their login information. This is the fate that befell the Democratic National Committee when Russian hackers tempted staffers to click on links that allegedly led to poll data.
If somebody offers information at the end of a link instead of in the body of the email they should not be trusted at all.