Business Continuity NewsBriefs - February 14, 2018
These NewsBriefs are produced and delivered weekly by Attainium to keep our friends and clients current on topics relating to Business Continuity, Disaster Recovery and Crisis Management.
 

Email Threats

February 14, 2018 - Email will always be with us and so will all the scams, hoaxes and threats that continue to grow each year. This issue focuses on understanding some of these threats and learning to combat them.


QUOTE OF THE WEEK
"Security is always excessive until it's not enough." 
-- Robbie Sinclair, Head of Security, NSW Australia --


1. Top 10 Malicious Email Threats

Malicious email remains one of the most significant and ongoing computer security threats that we face. Cybercriminals use a variety of email-based attacks to deliver malware, lure victims to malicious websites, and steal logon credentials, and organizations everywhere need to understand these threats and how to implement effective safeguards.
https://www.lastline.com/blog/top-10-malicious-email-threats/


2. Retaining emails -- how long is too long?

Despite the new collaborative communication tools on the market, which combine unified messaging, video and/or other social media instruments, emails are still number one both for private people as well as enterprise business use. With the need to retain emails, and the desire to keep costs down to free storage space from unneeded emails without risking huge fines by not producing required emails if demanded by a court or regulator -- emails which should have been legally retained.
https://www.krollontrack.co.uk/blog/concepts-explained/establish-effective-email-retention-policy/


3. Don't be a Whale -- How to Detect the Business Email Compromise (BEC) Scam

According to the figures from the FBI, through December 2016 cyber thieves stole over $2 billion from 24,000 businesses using a scam that starts when business executives' or employees' email accounts are compromised or spoofed (BEC scam). Criminals are able to steal money with the help of an unwitting accomplice: an employee who is fooled into submitting a wire request. From the perspective of the company's financial institution, the transaction appears completely legitimate. Even confirmation calls or other out of band authentication will reach the employee who did indeed submit the request.
https://www.tripwire.com/state-of-security/featured/how-detect-business-email-compromise-bec-scam/


4. Email continuity can be costly

As organizations increasingly rely on email to conduct business, continuity becomes critical. In this piece, Alan Radding discusses examples of the negative effects a lack of email continuity can present and how products that truly deliver high availability can ultimately be a money saving investment for your business.
http://searchdisasterrecovery.techtarget.com/feature/Email-continuity-can-be-costly


5. InfoSec Guide: Mitigating Email Threats

Despite the rise in popularity of social media and instant messaging, email is still an important communication tool for business organizations. Unfortunately, its widespread use also makes it an ideal platform for cybercrime. This article will cover four particular types of email-based threats: Spam, Phishing, Spoofing and Business Email Compromise (BEC).
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/infosec-guide-email-threats


6. Phishing Awareness Training: 8 Things Your Employees Should Understand

No system is 100% effective and your employees can also put your network at risk from their personal email. Therefore, your employees need training to understand what to look for to avoid phishing emails. You, and everyone in your department, probably already know how to spot a phishing email. But how do you explain it to your users so that they get it?
https://www.vadesecure.com/en/phishing-awareness-training-8-things-employees-understand/


Copyright (C) 2018 Attainium Corp - All rights reserved.