Tips and Tactics to Defend Against Email Cyber Attacks

Everyone has an email in today’s world. Email is a simple way to communicate, sync your organizational teams, and efficiently work on daily tasks and assignments for any organization. However, this efficiency could spell serious trouble for the daily operations of your company. This is because data and numbers constantly point to the fact that email attacks are the most common way that attackers breach into an organization.

This constant fear of attack is a major threat to not only your company, but to all of the employees and customers associated with it. Email attacks affect not only the user compromised, but everyone associated with that account and everyone functioning on that network. With this in mind, here are 9 important tips to defend against email cyber attacks.

1- Deploy an Email Security Gateway

Adding an email gateway with multiple layers of technology is key to defending against nefarious attackers. These security gateways can include but are not limited to the following; anti-malware, anti-spam, and advanced content filtering programs. Implementing these controls will minimize the phishing emails your employees are exposed to.

2 – Lock Down Email Content (As Much As Possible)

Strict policies on the content your employees may receive on company email is a great step to take to maximize defenses against attacks. You must carefully consider your inbound email policy, and set rules appropriate for your organization. This will likely include quarantining or flagging all executable files, including Java, Windows Script, Java Script, and more file formats.

3 – Block or Flag Macros

This tip is vital for your organization when it comes to Microsoft Office documents, and ensuring the safety of the documents sent to your employees. Always ensure macro protection is enabled, and that employees are aware of all potential threats in this vein.

4 – Keep Client Software Fully Patched

Keeping all of your software fully patched and updated is a key tip to practice for any organization’s safety and use. Making sure all applications and software are fully updated will maximize the safety of your programs, devices, and the employees that use them. Updates usually involve bug fixes, exploit patches, and other valuable changes that you will want in place.

5 – Disable both Windows Script Host and PowerShell on as many Endpoints as Possible

LMany email-focused attacks focus on Windows Script and PowerShell. Scripts for attacks are usually written in .vbs, .js, and PowerShell. Disabling these formats on the maximum amount of endpoints will minimize your chance for compromise.

6 – Check Potentially Malicious Links with Email or Web Gateways

Checking “phish-y” links and emails with gateways will make sure an unsuspecting victim within your organization doesn’t compromise your entire network. Checking all potentially damaging links is a great step to ensuring that even if attackers get through your filters, they don’t get past all of your defenses in place.

7 – Deploy Anti-Spoofing Technologies

Anti-spoofing technologies in place at your email gateway is important to cutting attacks off at the knees. Doing this, and implementing techniques to detect “domain misspellings” is a great step to defend against phishing and other BEC (Business Email Compromise) attacks.

8 – Ensure Advanced Processes for Approval of Financial Payments

Don’t allow users to make financial payments on your network without approval or other authorization steps. This tip will prevent user-error to the fullest extent possible, and should stop most payments to attackers even if they manage to outsmart your employees and other defenses.

9 – Educate Users About Email Attacks

This is the most important tip to remember. As a cyber security pro you will be able to detect email attacks from a mile away, but not everyone can see the signs as clearly as you. The overall education and awareness of all your employees for potential attack signs is the best way to prevent against the majority email attacks, especially those involving social engineering.