Is your Organization’s Email System Safe?
Email is the most preferred mode of communication when it comes to businesses. Whether one wants to communicate with a client or a colleague, share events or files, everyone uses email. In fact, it has become one’s personal identity, without email, opening an online bank account or social media, is not possible. The email system is your most important digital avenue, yet it is the most prone to cyber attacks.
The top 2 email vulnerabilities that cyber criminals target are email hijacking and Computer Takeover via Email
- Email Hijacking
As per a recent study by Google, more than 15% of internet users have reported experiencing the takeover or hijacking of an email account.
In email hijacking, an attacker gains access to an email account by getting hold of a victim’s email username, password, and recovery or verification questions. Once accessed, a hijacker can do whatever he or she wants in the account like resetting the password, downloading all private data, deleting all messages or impersonating the victim.
Many of today’s email systems have done away with passwords alone to gain access. Instead of mere passwords, many require recovery or verification questions.
According to a Google and UC study, third-party data breach, keylogging, and phishing are the 3 main methods used by attackers to hijack the emails.
Third Party Data Breach:
In third-party data breach, email usernames and passwords are stolen by attackers as a result of security loopholes within a service provider like Adobe, LinkedIn, and Dropbox.
In keylogging, an attacker steals the victim’s credentials by using a malware that records and tracks every movement of the victim on his or her computer.
In phishing, the attackers fool a victim to login to a fake web page of a popular email site like Gmail, Yahoo or their banks. Once victims clicked on these fake login pages, their details are captured in the process.
- Computer Takeover via Email
In this type of attacks, cyber criminals use a ransomware/malware designed to block access to a computer system until ransom money is paid. In such attacks, the computer is literally hijacked as you’ll lose total control of it and you’re at the mercy of the attackers to unlock your computer.
An example of a malware that uses phishing emails as a means to gain access to computers is the ransomware called “Locky” – the first ransomware to earn $1 million per month based on a Google-led study (PDF).
The Locky phishing emails have an attached ZIP file which when opened enables the downloading of the Locky ransomware and locks out users from their computers until ransom money is paid.
Email hijacking and computer takeover are just two examples of the many vulnerabilities of your organization’s email system. In its “2017 Internet Security Threat Report” Symantec said, “Email posed a dangerous and efficient threat to users: one in 131 emails contained malware, the highest rate in five years.”
Want to secure your company’s email system against most known attacks? Contact GigE today to protect your business emails from third-party data breaches, phishing, keylogging, and ransomware. Call 888-366-4443 now!