What To Look Out For In Emails – Cybercrime
Most Australians have received some form of online communication that causes concern as to the legitimacy of the communicator or source, and the risk of cybercrime.
In fact, according to the Australian Cyber Security Centre (ACSC), a cybercrime was reported every 10 minutes in 2020. Regardless of whether your employees are working from home (WFH) or in the office, they must always be educated and protected in regard to their cybersecurity.
A common form of cybercrime for businesses is via an employee’s work email. Verizon’s 2019 Data Breach Investigation Report reveals that over 90% of data breaches begin with email. A lack of education and support provided to your employee leaves them vulnerable to attacks, however, businesses must first understand the types of email-related risks and ways to detect them.
To understand email-related risks we have to understand the term ‘phishing’. Phishing is one of the most common forms of cybercrime. Phishing occurs when a fraudulent message (also known as a ‘lure’) is sent as a means to steal information. There are a variety of ways cybercriminals will try to lure you into completing some form of action in order to obtain information. The ACSC has created a great resource for those wanting more information on ‘phishing’. Find out here.
Types of email-related risks
Being aware of the threat emails can pose to your business is essential to understanding what you need to do to strengthen your email security and educate your employees. Below are some of the most common email-related risks
This type of attack occurs when someone steals a user’s credentials and other personally identifiable information by tricking users into providing (voluntarily) their login information through a false or compromised login page. An example for your business could be an email from your bank requesting to update your information.
Business email compromise (BEC)
Also referred to as spear phishing or whaling, BEC typically targets businesses who conduct wire transfers and have suppliers abroad. These types of emails are extremely sophisticated and can be difficult to detect even to the trained eye. BEC incorporates ‘social engineering’ which is a way to manipulate people into taking an action created by very realistic ‘bait’. An example may be an employee receives a message from your business’ IT department asking to click the link and change their password due to a new policy.
Loss or compromise of data
Loss or compromise of data can occur in a variety of different means and have differing effects as a result to the types of data being handled by email and how important they are to your organisation.
Malware or Ransomware
Malware or Ransomware attack by restricting the original user’s access and obtaining full access to the employee or business’ system or personal files. This can include blackmail in order to regain access.
Cybercriminals can use stolen credentials to access email accounts. The criminals are then able to bypass internal security and propagate threats and change account configurations. An account takeover is an extremely dangerous situation for a business to be a part of. The criminal can obtain all contact information of external accounts, send out phishing emails from your business email, and use the stolen information to gain further access to other accounts. They can even enable third-party apps, like Office365, which ensures that even after you change your password you still have a compromised account.
Ways to Detect Phishing Emails
Now that we have detailed the great extent email-related risks pose to your business, we can provide tips as to how to detect phishing emails. Pass this on to your employees:
The message is sent from a public email domain
A legitimate business will never send an email from a public domain. A public domain email is a free email service provider such as Gmail, Yahoo, Outlook and more. Most businesses, excluding some small businesses, will have their own email domain and company account. For example, here at Provide Technology, our contact email is firstname.lastname@example.org If the domain name matches the apparent sender then most likely the sender is legitimate, however, simply enter the company’s name into a search engine to check.
Tip: Look at the email address and domain name, not just the sender or ‘display name’
When criminals create fraudulent email addresses, they often have the choice to select a ‘display name’, which doesn’t have to relate to the email address. This means that when it turns up in your inbox their display name will appear not their email. If employees are ignorant to this type of manipulation it leaves them vulnerable to the email’s contents.
The domain name is misspelled
This point complicates our first point as unfortunately, cybercriminals can purchase a domain name from a registrar. However, as domain names must be unique it means that cybercriminals must alter the spelling or deliverance of the domain name.
An example is email@example.com
Noticing these tricks can be difficult, especially to an ignorant eye. Keep your employees informed about such tactics.
The email is poorly written
Poor spellings are key signs that the email is fraudulent. Most Australians have or have known someone who has received a poorly written email from a foreign prince or distant relative who needs money ASAP and can double the return. However, scammers are now utilising helpful spellchecker or translation machines that provide them with correct spelling.
Tip: Look for grammatical errors, not only spelling mistakes
Fraudulent emails can be received with no incorrect spelling but are full of grammatical errors that a native speaker wouldn’t make. This includes phrasing and missing words.
Includes suspicious attachments or links
No matter the form of email or its contents, it will also include some form of attachment or link. This will either be an infected attachment or links to a false website. The purpose is to capture sensitive information that can be utilised for account takeover, to encrypt malware or ransomware onto your server.
The message creates a sense of urgency
The longer humans think about something, the more likely they are to notice that something may not be quite right. This applies to fraudulent emails. Cybercriminals will create a sense of urgency to force the individual into action. ‘Act now or else it will be too late’ is an email scammers motto. An example includes ‘change the password immediately as your account has been hacked’. Cybercriminals are becoming more sophisticated by even duplicating a CEO or high figure in the business and sending emails posing as them. Such emails are extremely dangerous for employees as even if the recipient did suspect, they may be too afraid to question their boss.
How to protect yourself and your business
Educate your employees
To combat email-related scams educate your employees on what to look out for or speak to our team to find out how we can help. At Provide Technology, we offer an educational program that tests your employees’ susceptibility to phishing scammers. We utilise a system that sends out a phishing email to all users. This is designed to test your staff on their response as the email asks to click the link and provide login credentials. This test is then followed up with a training session and a further test to ensure your staffs have a better understanding of phishing traps and how to identify them.
There are also many online resources available from ASCS as well as third-party online courses that can help inform employees on their vulnerabilities to scammers. It’s important to also provide policies and practices for employees to seek immediate help if they have received or suspect a fraudulent email.
Increase your server security protection
There are a variety of parameters your business can put into place to offset uncontrollable breach variables, including human error. We suggest reading the ACSC’s ‘Essential Eight’ document which outlines strategies to mitigate cybercrime incidents. The outlined strategies are easy and simple controls that any size business can put into place to reduce the risk of an attack. Read more here.
Ensuring you keep your employees educated will reduce your business’ vulnerability to an attack. Scammers are becoming more sophisticated, and therefore, keeping up to date on the latest cyber threats is extremely important for any business.
If you have any questions or would like to find about how we can help, contact your Provide Technology advisor today.