Recent penetration testing conducted against higher education institutions demonstrated a “100 per cent track record of gaining access to a higher education institution’s high value data within two hours.”
Was this directly due to a lack of cyber security technology exposing these institutes? Possibly not. The method of attack used in this research was electronic social engineering, specifically spear phishing emails.
So are we humans the weakest link in cyber security?
Many spear phishing emails will spoof the recipient’s domain name, more often than not appearing to come from a senior colleague. The emails will request either a supplier payment be made or an action that requires the opening of an attached document. That sophisticated knowledge or the recipient’s organisation is what makes these emails so successful.
But there are steps we can take to protect our organisations.
There are a host of ways in reducing your risks of falling foul to phishing emails, here are two examples.
If you have an email filtering service you could block emails with your own domain if the email doesn’t come from your mail server. A good mail filtering service will enable legitimate emails with your domain that aren’t sent from your mail server, such as an email marketing engine or an online CRM system, to get through. This action can reduce the volume of threats received.
How many times have your colleagues had training on how to spot phishing emails? Maybe not many. There are several simple steps that every user can take to help identify phishing emails. Arming users with that information, and then checking their actions with organised phishing email testing can reduce the number of malicious emails acted upon.
Reducing the quantity of phishing emails a user receives and empowering users to spot them are just two ways in which we can help you reduce your risks from these attacks and strengthen your security.
Call Abtec on 01858 438 500 today to find out how we can help you reduce your risks.
Comments are closed.