The Weakest Link in Your Security Strategy Is not a New Technology. It is Email.
Email is not only one of the most important channels of communication in day-to-day business, but unfortunately also one of the biggest gateways for cyber-attacks. When did email become the weakest security link? These days we know that email can contain malicious links, but we are not always trained to spot them, and sometimes we assume the spam filters will take care of it for us. Email has become the weakest link, and its costing businesses hard money.
Fast, cunning and ever adaptable, cyber-criminals consistently find ways to penetrate your security systems and get at your data.
Their best bet. Your employees.
When someone clicks, the attacker gains prolonged access to the system on average less than two minutes after the email reaches the inbox.
Phishing attacks fall into the following categories: Credential harvesting, 41%; extortion, 8%; malware, 51%; spear phishing, 0.4%
Unfortunately, this method has a high rate of success – in the hectic rush of day-to-day work, the recipient opens the attachment, clicks on the links it contains or carries out instructions that appear to come from the boss, without carefully checking the legitimacy of the message or consulting in-house security experts. According to a worldwide survey carried out by B2B International on behalf of Kaspersky Lab, 46% of all IT security incidents can be traced back to such misconduct by employees.
The average employee received five phishing emails a week, and sometimes they can be very convincing. The most successful phishing emails contain subject lines designed to scare or jolt us into action. Phrases like ‘open enrollment’ and ‘grievance filed’ can make us believe something needs our immediate attention, which hackers rely on.
The threat landscape is broad. One of the scariest things about ransomware is that cyber criminals can purchase it as a service. Businesses have to protect themselves against both old ransomware threats, like cryptowall and Locky, and newer threats, like cryptolocker, which affected more than 500,000 people as recently as 2014. One of the primary methods for spreading ransomware has been through spear phishing, so it’s as important as ever to be vigilant when receiving an email message from someone you don’t know, or clicking on embedded links or attachments in an unusual or suspicious email message.