2020 saw the largest ever increase in online fraud, with malicious emails containing harmful links being by far the most successful methods used by criminals. The City of London Police reported that over £19m was lost to scammers in London alone. With these threats growing in volume and complexity daily, it’s vital we understand how to improve email security.
There is no doubt that email remains the most popular, and quickest way to communicate in business. The volume of emails sent globally continues to increase annually. This trend is set to continue despite the growing popularity of instant messaging and collaborative platforms such as Microsoft Teams.
It is now estimated that over 45% of emails sent are spam. This number only accounts for those emails which have been detected by various spam filters, this does not include the high percentage of ‘allowed’ marketing emails that clog up our mailboxes daily. Russia alone accounted for 23.5% of all unsolicited emails in 2020.
It is probably easier to look at the emails that are received by your company and determine what percentage is relevant to your business activities. This may surprise you, as it could be less than 30% of all emails received! If you find that figure difficult to believe, have a look through your own inbox. Like most users, the marketing and spam messages will most likely outnumber genuine work-related emails.
Imagine if you could turn off all unwanted emails into your business, and just see those that are relevant. Imagine getting rid of all those distractions, which are often so numerous it makes it easy to miss genuine emails. But best of all, imagine getting rid of the various phishing and scam emails, and making your email system safer and more secure.
While the most up-to-date and stringent email security systems, such as Trend Micros’ Hosted Email Security can mop up a large percentage of dangerous emails, it is virtually impossible to eradicate them completely. There are various reasons for this that don’t point to the security systems themselves. It is largely down to the way they are configured and the way that emails are used by businesses. So, let’s take a quick look at some email security tips.
Email security tips
Email security systems
Initial setup & configuration – It goes without saying that if your company doesn’t already have one, it most definitely should have a dedicated email security system, like the excellent Trend Micro Email Security System (EMS). However, even if you do have email security, it’s vital that it is configured and maintained correctly. From our experience, many cases are rooted in poor setup and configuration, before being neglected by IT teams. It pays to not underestimate how important and complex the initial setup and configuration is. It’s not just a case of point, click, set, forget. Businesses should look to onboard the services of an email security specialist, who really understands the chosen product, and can also provide training to the in-house IT team if required.
The Known Good Senders List (Whitelist) – A crucial part of any email security system, is building and maintaining an accurate list of known email addresses that your company does business with. This is just as important as determining a Bad Senders List (Blacklist). Building a known good senders list will help prevent the email security system from frustratingly blocking potentially wanted emails as spam. However, it’s still possible to receive dangerous or virus-laden threats from known good email addresses. That said, if your email security system is set up correctly, it should block the vast majority of emails that contain malicious attachments or links. Given the speed that cyber threats evolve, even the most stringent system can allow the odd malicious email through. That is where the company’s own email setup and end-user training comes into play. More about that below.
Security filtering levels – Finding the right balance between being overly zealous or allowing too many spam emails through can be difficult. Users find it frustrating when a genuine email gets trapped as junk, but at the same time, the email security system needs to do its job. Again, this is where it pays to have a dedicated specialist who can work with you to strike the right balance. This may take a few weeks following deployment until the correct level is found, and any tweaks made. From a security perspective, however, it is better to have the odd email trapped than to allow too many through. It’s worth pointing out that releasing trapped emails should be a very simple and painless process for the end-user and take no more than a couple of clicks.
The Company Email Setup
Do all employees need email? – This may seem obvious, but if employees do not need or use email other than for internal use, then it’s possible to simply turn off external emails for those users. It is worth keeping in mind that as more and more companies adopt Microsoft Teams even internal email usage is dropping significantly.
Limit emails to approved senders only – If users only send and receive emails to known contacts, then it’s possible to block all emails from unknown senders. It is also possible to add an autoresponder to both the sender and recipient, so they are aware that the email has been blocked by the email security system. This can even be put in place for generic or departmental email addresses such as ‘sales’ or ‘enquiry’ for example. If an email is sent from an unknown sender, an autoresponder can be sent back with a link to the contact form on the company website. Again, an alert can be sent to the recipient to notify them that an email has been blocked, and a copy of the email is available in the email filtering system just in case.
Restrict emails due to content – While it can be frustrating for end-users to have genuine emails trapped in junk, it’s worth rethinking the type of content that is allowed to be delivered into your organisation, even from your approved senders’ list. For example, you could set up a rule to automatically quarantine all emails with attachments or links to shared documents. This would mean end users having to release them from quarantine. Although this does not completely rule out the threat, it does make the end-users stop and think before they knowingly release a quarantined email. Appropriate warnings can also be displayed at the time of releasing emails too.
End-user training – It is well known that end users are responsible for unknowingly initiating a majority of successful phishing attacks by clicking on links or downloading harmful attachments. End-user training is probably the most important part of any email security system, yet sadly it is hardly ever provided. Most companies rely solely on the security systems and procedures they have in place, but clearly, this isn’t working. We only have to look at the data to establish that threats are increasing at an alarming rate and is only set to get worse. Training end-users not only provides them with the tools to avoid getting scammed but also the education and understanding as to why security is so important. This may help lessen the frustration when they have to release the odd email from the spam filter!
Internet security – The vast majority of phishing or scam emails rely on an active internet connection to be able to initiate an attack or scam, therefore having a sophisticated internet security solution such as ‘Cisco Umbrella’ can be key. If an unsuspecting user should click on a malicious link, there is a very good chance that the corresponding IP address will be flagged as malicious, and the phishing attack will be thwarted.
Although the reliance on email in business may be reducing, there is no doubt that it will continue to play a significant role as a communication tool for the foreseeable future. But given the sheer volume and complexity of attacks, it is essential that we understand how to improve email security and make systems as secure as possible. If you would like to find out more or would like to arrange a free initial consultation, please contact us.