Phishing attacks, which target your email, are skyrocketing, as cybercriminals are getting more sophisticated and better at what they do. Because of the massive adjustments that businesses, large or small, have had to make to adapt to COVID-19, vulnerabilities get overlooked, including email security.
Secure your business email by adopting these best practices:
1. Run the same version for desktop and web email clients.
Hassle-free syncing and updates help ensure a smoother overall operation. Not only that, but a synchronized desktop and web e-mail can prevent attackers from putting in place rules that desktop clients are not exposed to, which is how the manner of attack is concealed.
2. Verify last-minute changes to email account addresses.
If any of your partners, vendors, and service providers are updating their firm’s domain name and e-mail platform, their mail server will be vulnerable to attacks during the migration process.
Be careful with emails concerning a financial matter if the email address has changed. Call your partner, vendor, or provider to verify.
3. Double-check email addresses for slight changes.
Most users are easily tricked by fraudulent email addresses. They fail to catch the small changes in the e-mail address that would have alerted them that the email may not be legitimate.
Beware of the font trick. Pay particular attention to the letter I if it’s part of an email address because certain font styles can make it so easy to mistake it for a lowercase l or the number 1.
4. Turn off automatic email forwarding to external addresses.
Forwarding rules being visible only in web applications and not in desktop email clients is common in many email compromises. If you have already set up automatic forwarding rules, review the setup for any issues concerning function.
5. Monitor the Email Exchange server for changes.
Regularly check for changes in configuration and custom rules for specific accounts. Create rules that alert you to any changes; this helps you to effectively protect your system.
The process needs to be well defined and carried out efficiently. Schedule your change management process, with accompanying documentation.
6. Flag inconsistent “reply” and “from” email addresses.
Set a rule to flag emails with different “reply” and “from” email addresses. You will also need to flag external messages that come from your domain name, which indicates that an attacker is attempting to pass their e-mail off as coming from inside the domain. Setting up a DomainKeys Identified Mail (DKIM) standard allows you to reject mail that’s inconsistent with the domain of the originating mail server.
7. Use banners with messages from outside and educate users.
Warning regarding the origin of a message is often a standard configuration. However, since this doesn’t always deter users from clicking on links, user education about how the e-mails would appear and what to expect will be helpful.
8. Deploy multifactor authentication across all accounts.
Multifactor authentication (MFA) throws more than one hurdle at attackers before they can get to your email.
MFA requires multiple means of authentication by employing either three or all these factors:
- Knowledge (something you know): PIN, username and password, security question
- Possession (something you have): token, USB key, magic link, or smart card
- Inherence (something you are): biometrics—e.g., fingerprint, voice, palm veins, complex iris/retina patterns, behavior patterns, etc.
- Location (someplace you are): actual physical location determined through GPS tracking.
To optimize MFA, use it with single sign-on (SSO), which allows users to execute a master sign-on to authenticate themselves at the start of their work shift, after which the SSO solution logs them into any of the related software systems they need to use for their work.
To strengthen this combination, go passwordless. This effectively removes the password, which is a vulnerable authentication method, thanks to users’ persistent poor password habits.
9. Reconsider legacy email protocols.
Determine whether you absolutely need legacy email protocols such as POP, IMAP, and SMTP—which attackers can use to bypass more stringent authentication methods like MFA.
10. Turn on security features that block malicious e-mail.
Completely set up the additional security products for mail servers that you have purchased. Chances are you already have security features that specifically block phishing and email spoofing.
11. Log and save changes to mailbox login and settings for 90 days or more.
Logging facilitates auditing should something happen. Consider your options for pulling off the logs from your mail servers and storing them elsewhere.
12. Challenge suspicious payment requests.
Train employees to verify suspicious payment requests from management before authorizing transactions. Reinforce automated electronic processes with old-fashioned confirmation like calling to confirm the amount and the transfer processes.
Plug any gaps in your security to effectively steer your business through the pandemic rough patch.
Still using username and passwords to authenticate? It’s time to upgrade to an enterprise-class simplified plug-and-play authentication solution.
Go passwordless with TraitWare.
Contact us today to learn more.