Email Security Tips
New types of malware and increasingly sophisticated attack mechanisms by cybercriminals keep making headlines. For example, security experts are currently warning against fileless malware. The malicious code is not permanently saved on the affected system. Instead, it is reloaded in the working memory. There is no permanent copy on the end device. Common antivirus programs usually do not recognize this type of malware. Even if a company only allows explicitly approved applications via whitelisting, fileless malware can still be introduced and executed. If you want to know more about how to implement complete e-mail security, then join a cyber security course in Delhi.
The problem is that in addition to new threats, there are also known sources of danger that many organizations are not addressing. This is not about the huge attacks, like the recent attack against Telegram that made headlines. Rather, most companies can be attacked today with relatively simple means, which increases the risk of falling victim to an attack. A particularly popular attack vector is the sending of contaminated e-mails – in combination with different mechanisms to harm companies.
The ESRA report regularly checks the exposure of business emails from over 30,000 organizations worldwide. A total of over 232 million emails have been scanned in recent years. The current results come from an investigation in spring 2019. The research team publishes these every quarter in a report. The goal is to give organizations better insight into email-based attacks. The emails come as blind copies from organizations of different sizes and have been filtered there in advance by various security mechanisms. Nevertheless, it turns out that over eleven percent of all emails (more than 25 million) are damaged.
Bad URLs and impersonation attacks not considered
Much of the unwanted email traffic is spam, 99.6 percent to be precise: more than one in ten messages received is junk. But you have to keep in mind that most companies have spam filters, so the number of emails sent is even higher. 24,908,981 unrecognized spam mails are a lot, but there is a positive side: the huge amount of advertising and junk mail is annoying and keeps employees from working, but it is not a direct danger at first.
Around 26,713 emails were loaded with malware and made it into the companies’ networks. They were able to bypass the protective mechanisms and the success of an attack then depends only on the wrong mouse click. Memory-based malware in particular is not recognized. Technology alone cannot counter such dangers, so the last defense remains the awareness of users who recognize such threats – even if they have been classified as safe by the defense tools. The human factor is nevertheless critical, since 23,872 emails do not contain any real malware, but do contain dangerous file formats that can be misused by attackers (such as .exe, .src or .jsp).
The importance of user attention is particularly evident when you look at malicious emails that rely heavily on user interaction rather than malicious code. In more than 53,753 cases, the researcher was able to detect attacks with stolen identities. These are attacks that use contextual information. For example, the criminals pretend to be business partners, customers or members of the executive floor and send invoices or payment releases. No malware is used; the attack is built solely on the cooperation of the victim.
The number of such impersonation attacks is more than twice the number of emails contaminated with malware. The issue of CEO fraud in particular is a major problem, so the BKA even issued a specific warning. In addition, the number of emails with bad URLs is increasing. A total of 463,546 different links were found that serve to load malicious content onto the victim's device after a click.
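The two checks described above, flagging dangerous attachment formats and spotting impersonated senders, can be sketched as a small triage function. This is an added example, not part of the original article or the ESRA tooling; the internal domain, executive names, payment keywords and sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr
import os

# Assumed values for illustration; adapt to your own organization.
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"jane doe", "max mustermann"}
RISKY_EXTENSIONS = {".exe", ".src", ".jsp"}  # formats listed in the article
PAYMENT_WORDS = ("invoice", "payment", "transfer")

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Impersonation: an executive's display name on an external address.
    if name.strip().lower() in EXECUTIVES and domain != INTERNAL_DOMAIN:
        findings.append("display-name impersonation: %s <%s>" % (name, addr))
        subject = (msg.get("Subject") or "").lower()
        if any(word in subject for word in PAYMENT_WORDS):
            findings.append("payment request from impersonated sender")
    # A Reply-To on another domain redirects the victim's answer.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.rpartition("@")[2].lower() != domain:
        findings.append("Reply-To domain differs from From domain")
    # Attachments: the last extension decides (catches "report.pdf.exe").
    for part in msg.walk():
        filename = part.get_filename()
        if filename and os.path.splitext(filename)[1].lower() in RISKY_EXTENSIONS:
            findings.append("risky attachment: %s" % filename)
    return findings

# Constructed sample messages (not real traffic).
CEO_FRAUD = (
    "From: Jane Doe <jane.doe@mail-example.net>\n"
    "Reply-To: accounts@other-example.org\n"
    "To: finance@example.com\nSubject: Urgent payment release\n\n"
    "Please release the payment today.\n"
)
ATTACHMENT = (
    "From: Supplier <billing@partner-example.org>\nTo: finance@example.com\n"
    "Subject: Documents\nMIME-Version: 1.0\n"
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nSee attachment.\n"
    "--b1\nContent-Type: application/octet-stream\n"
    'Content-Disposition: attachment; filename="report.pdf.exe"\n\n'
    "AAAA\n--b1--\n"
)
```

Findings like these are best used to add a warning banner or route the message for review, since a display-name match alone will also hit legitimate mail sent from private accounts.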
E-mail is the main means of communication for companies
The Business Continuity Institute investigated the practical analysis of these areas in a survey. 369 IT decision-makers from 63 countries were asked about their priorities regarding data exchange and communication. An important part of the investigation revolved around the technology used. Almost all organizations (97 percent) provide employee email addresses as the primary means of communication. It is therefore logical that cybercriminals want to use the potential for themselves.
Almost all types of online crime are rolled out via email. Ransomware, Trojans, CEO fraud, spam, phishing, social engineering, malware, and even cryptominers use email as an attack vector, and unfortunately they do so successfully. As the perpetrators continue to refine their approach, individual security mechanisms are no longer sufficient. The ESRA report makes it clear that a large amount of harmful content finds its way into companies.
In Germany, the Federal Office for Information Security (BSI), among other things, therefore advocates a general increase in the resilience of processes and comes back to this point in its current management report on IT security. Literally it says: “The key factor resilience, which will become more and more important in the future, should become more important both for large companies and for SMEs. Incident training is an important factor here.”
Every company should ask the question: How resilient am I actually? Is there a coordinated security strategy that includes the workforce as well as technical measures? It is important that the employees are actively trained as a “Last Line of Defense” and involved in the defense. Because the danger of attacks is real.