Corporate emails are the hunting ground for cybercriminals

Le email aziendali sono il territorio di caccia dei criminali informatici thumbnail

Cybercriminals? They wallow in corporate email territory. This is revealed by the study carried out by Luca Maiocchi, country manager of Proofpoint, which highlights five steps for effective email protection focused on people.

In fact, in 2020, over 300 billion emails were sent every day around the world. But if the latter are one of the hallmarks of the modern way of doing business, they represent at the same time the number one vector of threats. Every day, email messages containing payment requests from suppliers, communications with investors and other formal and informal messages can become breeding grounds for fraud.

For example, by taking advantage of the challenges of transitioning to hybrid work, poor security awareness and less control exercised by IT teams, phishing attacks have targeted the most vulnerable employees who have inadvertently compromised their data at all. advantage of cybercriminals. In parallel, social engineering attacks have led users to open infected documents, click on malicious links, enter their credentials or even directly perform operations such as transferring money. In
in any case, whether it was ransomware, phishing or Business Email Compromise (BEC), the lowest common denominator was people. Precisely for this reason, defending against email attacks that target the individual requires a new security strategy, which includes people, processes and technology, starting with a new perimeter of defense built around the person.

Five steps to a people-centered business email defense
Email threats are versatile and are growing faster than ever. To counter them, organizations must invest in an end-to-end email security strategy that addresses the entire chain of attacks, from proactive prevention to real-time threat response. Here are the 5 fundamental steps.

  • Visibility
  • To effectively defend your organization from email attacks, you must first and foremost
    understand what threats they are facing. With this in mind, solid threat intelligence in
    detecting the full scale of malicious emails is an important first step, but it’s not enough.
    You will also need to implement a solution that can correlate and analyze your data on
    threats, revealing who is being targeted, by whom it is attacked and what information it is trying to
    steal.

    2. Implement basic email checking and content analysis

    Maintaining control over which messages enter your environment is critical when it comes to email security. The solution adopted for this purpose must offer a granular classification that does not just look for spam or malware, but also identifies all the distinct types of email (malicious or not) that target employees.
    The latter could include mass mail, credential phishing, BEC attacks, adult content and more. For this, your classification tool should include advanced sandboxing capabilities that allow you to analyze every attachment and URL in real time as they enter your gateway.

    3. Authenticate the emails

    Outbound phishijng emails that target customers and partners outside the gateway pose a serious risk to businesses, but there is a solution: email authentication. In particular, the implementation of the DMARC (Domain-based Message Authentication Reporting and Conformance) protocol, which ensures that legitimate emails authenticate themselves correctly and block any fraudulent activity originating from the domains under your organization’s control, (including the sending domains active, non-sending domains and
    recorded defensively).

    4. Data loss prevention

    Preventing threats from entering is important, but you also need to prevent sensitive data from leaving your gateway. An effective email security strategy must therefore be ready to face both any threat that manages to overcome its defenses and the reckless behavior of employees who inadvertently expose sensitive data, using a solution that can combine encryption and data loss prevention (DLP) so that sensitive data, even if exposed or exfiltrated, always remain protected.

    5. Respond to threats in real time

    No security solution can stop all attacks. Responding to real-time threats must be a pillar of the email security strategy. It is natural to be wary of a vendor who claims to be able to block all threats, because if such a solution were available today, data breaches and email fraud would be a thing of the past. As recent headlines show, this is not the case.

    In summary, effective protection is therefore based on these points. Learn about the threats targeting your organization, identify weaknesses, and build an email security defense that provides protection in these five key areas of the threat lifecycle using this vector: content visibility, control, and analytics , authentication, data loss prevention and response. Simply put, your best defense is understanding and preparation.