Aggressive Spam Filtering vs. Smart Security Practices
Most companies are aware of the increase in cyber-attacks on businesses across the globe. You only need to turn on the news or read a few business feeds to know the impact these cyber-attacks are having.
Because many of the cyber-attacks are received via email, a large percentage of businesses are looking at “Aggressive Spam Filtering” to help reduce the threat of receiving malware, phishing emails, etc. While this may seem like a good solution, and for some companies it might be necessary, having too many filters may end up blocking wanted and/or needed emails.
Most Spam filters give a score or rating to an email before passing it through to the recipient. The score/rating determines if the email is safe to pass through to the recipient. Before you “Batten Down the Hatches” and get aggressive with your own spam filtering, here are a few tips to try.
- A large percentage of viruses are imbedded in website links and logos within signature lines. Some organizations, such as financial institutes and government agencies, have started to restrict emails that include website links, too many phone numbers, and attachments such as logos. If you have recently started having issues with receiving and/or sending emails to organizations you have never had issues with before, take a look at your signature line. You may need to adjust a few things.
- Large attachments such as Word documents, Spreadsheets, fillable PDF files, JPEGs, etc. may also hinder your ability to communicate with your business partners. The larger the file is, the higher the score may be in the filter.
- Using the same Title in multiple emails over a period of time may trigger the recipient’s Spam filter to “grey” list those emails and eventually not accept them in the future. The Spam filter may think those emails are being generated by a bot (software robot) which is typically used by spammers and hackers.
- Using different font styles within an email can also cause a higher score/rating. Try using plaintext as much as possible.
Preventative Measures
While there are many steps that an organization can take to try and prevent an attack, we have found these two can drastically reduce the risk of attack.
- Educate your staff on email protocols to help prevent the risk of infection. Your staff is one of the first lines of defense when it comes to attacks. If they don’t know what to look for if an infected email happens to pass through your Spam filter, they may inadvertently take down the entire system with one click.
- Reset Passwords on a regular basis, every 90 days is recommended for most organizations. The days of never having to reset your passwords are gone. If you don’t reset your passwords, you are opening the door to attacks and inevitably infections. We highly recommend moving towards multi-factor logins.
Be Smart and Be Prepared
Organizations need to be proactive and prepared for an attack rather than reactive when they have been infected. Having the proper measures in place ahead of time will drastically reduce the “down time” a company experiences if they are infected.
- Implement a backup and recovery plan. The FBI states, “Backups are critical in Ransomware recovery and response. If you are infected, a backup may be the best way to recover your critical data.”
- Having an up-to-date backup and recovery system is critical. Many organizations are using outdated backup systems that are vulnerable to failure after a Ransomware attack. A survey done by Osterman Research found that 58 percent of business victims were not able to fully restore their backups after an attack due to “unmonitored or failed backups, loss of accessible backup drives that were also encrypted, and loss of between 1-24 hours of data from the last incremental backup snapshot.”
- It’s also good to have an Early Detection solution in place. There are companies out there that address these issues by including Ransomware protection into their data-backup technology. This type of solution notifies administrators that a Ransomware has been detected and to revert to a previously healthy backup.
Don’t become a Statistic!
- 40% of all spam email had Ransomware (CNBC)
- 92% of surveyed IT firms reported attacks on their clients (Datto via The Atlantic)
- 70% of businesses paid the ransom in a Ransomware attack (CNBC)
- 78% of people claim to be aware of the risks of unknown links in emails, yet click on them anyway. (Barkley)
- 1 million Gmail accounts were affected by a sophisticated phishing scam
- Target paid $18.5 million to 47 states in settlement for the 2013 data breach (NY Times)
As hackers and spammers get more creative and aggressive in their attacks, organizations must be more proactive protecting their data. This involves a commitment by an organization to educate their staff on the risks of attack, hold their staff accountable if protocols are not followed, and implement layers of protection when protocols fail.
For more information of to discuss your security concerns, feel free to contact us at 720-386-3090.