Hackers design personalised phishing emails to trick users into sharing sensitive information, passwords, sending monies or sharing login details to enable accounts to be taken over. Cyber criminals will then use these compromised accounts to instigate further attacks to your colleagues, customers, or supply chain causing both monetary and reputational damage to your business.
There’s copious amounts of guidance out there to try to combat the cyber criminal. The National Cyber Security Centre (NCSC) is UK’s Government body that provides advice and support in how to avoid computer security threats. They regularly publish articles on how best to spot something suspicious. It is a mine of great information and best practice we’d recommend anyone to take a look at to protect yourself and your business from cyber attacks.
However, something we recommend, as well as self education, is a good email security system and implementing a multi factor authentication tool.
These invaluable pieces of software act as a first line defence in the fight to prevent security breaches. It’s definitely something that we recommend to all our clients. You can have other great cyber security prevention technologies like a firewall but that doesn’t stop one of your employees from receiving and clicking on something that contains malware!
The most tech-savvy of companies, even those that are in the business of selling cyber security solutions, are vulnerable to email phishing attacks, and that goes for us too.
To protect ourselves from this ever-increasing threat, we have deployed two email security solutions already this year that work in tandem as a barrier to email attacks.
Many clients have migrated to the cloud, where email has become a forgotten threat. However, with ransomware on the rise, and the easiest way to spread this type of threat being via email phishing/spear phishing, we need to pay special attention to our email security before it’s too late.
Barracuda Essentials has been tried and tested against many other technologies and is one of our recommended and supported products we offer to our clients. Without meaning this to sound a sales pitch, Barracuda Essentials is an all in one solution that provides comprehensive protection against evolving email-born threats. It analyses over 1 billion emails globally every day continuously detecting and blocking new threats as they emerge.
One of the most powerful components of Essentials is Link Protect. This function automatically rewrites urls that attackers may have used to contain malicious code – malware – which can be invisibly downloaded and can trigger a much larger attack. The system can sandbox the request at click time to block malicious links.
Even more sophisticated attackers make clever modifications to URLs so they look genuine, but are not. The most common technique is omitting letters or using convincing “typos” that even users who check URLs before clicking often miss. Barracuda’s Link Protection includes typosquatting detection, which automatically identifies and redirects these URLs to our sandbox, if clicked, to block malicious activity.
The second email security solution we’ve adopted is Barracuda Sentinel. This is a powerful artificial intelligence (AI) engine that automatically detects and stops spear phishing attacks in real time. It also detects and blocks attacks from compromised accounts. The reporting also prevents fraud, spoofing and brand-hijacking to reduce reputational risk.
Unlike other email gateways, Sentinel integrates seamlessly with Office 365, which is one of the reasons why we chose it. Once installed, the AI learns analyses communication patterns and removes anomalies from user’s inboxes before they become a threat. Another win with this software is that it’s completely cloud-based and therefore needs no hardware or software to run and does not interfere with any other set up or network performance.
Using both systems should see a reduction in spam/junk in inboxes and your employees should not receive any malicious emails with links or attachments.
If you’d like a chat about how we can help you protect you and your business from cyber attack or have any questions or concerns regarding your cyber security, please get in touch.