10/18/2018

Email Security Remains Top Concern, Yet Few Pay Attention

Ninety percent of cyber attacks now begin with a phishing campaign

Those organizations that you might assume are most secure also suffer from the same weakness as every other company: basic security knowledge. Despite rampant political hacking attempts, even those on the campaign trail are failing to address email security. The topic of cybersecurity is heard but not addressed, and even if the rules of keeping personal and professional information secure are understood, they are not taken seriously. When 90 percent of cyber attacks now begin with a phishing campaign, it’s clear that hackers have noticed as well. Email security is not a priority, and data breaches are a common result.

Phishing attacks are hard to identify.
Ongoing training is critical for everyone within an organization because phishing attacks are becoming more advanced each day. An employee may not think twice about a request to update a password for a commonly used website, or to submit private information to what appears to be a vendor. Employees blindly trust that an antivirus program will weed out the spam in their digital mailboxes, without considering that an email could be a phishing attack.

The two most common types of phishing attacks:

• Mass phishing – Although hackers are fond of specific targets, it doesn’t change the actuality of mass emails being sent company wide. It only takes one employee to offer credentials or click a link and the attack will have been successful.
• Spear phishing – This cyber attack targets individuals or specific groups of people that have desired information. The hacking attempt looks legitimate because the message is likely relevant and tailored to the intended recipient.

Please select this link to read the complete article from OSAE Member thinkCSC.