WHILE collaboration tools are becoming more popular, email remains the most popular communication tool and is one of the most common entry points for cyber threats.
Based on Mimecast's State of Email Security Report 2022, as shared by Mimecast regional vice president, Stanley Hsu, eight out of 10 businesses worldwide use email for communication and collaboration in 2021 and 75 per cent of organisations surveyed shared that they were affected by ransomware attacks last year, an upward trend compared to 61 per cent in 2020.
"With email threats evolving and becoming more frequent, organisations should incorporate best practices to maintain the hygiene and safety of their email inboxes," added Hsu.
Hsu also shared seven tips for keeping your inbox healthy.
1. Logging in with weak user credentials is the simplest way for threat actors to gain access to your account. To keep your account secure, use strong passwords that you change on a regular basis. Passwords should not be recycled as an extra precaution, and users should enable two-factor authentication.
2. Trust no emails, even if they come from within the company. Threats can originate from a bad actor within your organisation who has legitimate access to your network, applications, or databases. They might, for example, use internal phishing to spread attacks.
3. Be wary of impersonation. Business email compromise (BEC) attacks are a type of scam in which threat actors impersonate employees. They set up email accounts to impersonate a company executive or one of its business partners, and then use social engineering to trick unsuspecting employees to share confidential company information.
4. Threat actors frequently send emails that contain random letters or minor spelling variations in their names or email addresses so always double-check the sender's name, email address, and domain. Emails from public domains, such as Gmail or Outlook, are also more likely to be suspicious.
5. Remember to mark suspicious emails as spam. Automatic spam filters use machine learning to detect previously reported emails and automatically move them to the spam folder. By reporting suspicious emails as soon as you notice them helps to improve overall spam detection.
6. Malware can be planted in file attachments and URLs. Stopping automatic downloads and scanning all attachments and links before downloading is a good practice. Alternatively, email security software can be useful to detect suspicious attachments and automatically alert users to them.
7. Consider using a cloud-based email security solution. The possibility of human error resulting in email breaches is greatly reduced by using a technological solution. Furthermore, cloud-based solutions will be able to scan inboxes for malicious emails on a regular basis and keep up with the most recent cyber threat solutions without the need for downloading or updating hardware or software.