Authored by: PlexTrac Author Posted on: January 22, 2020 Tips and Tactics to Defend Against Email Cyber Attacks Everyone has an email in today’s world. Email is a simple way to communicate, sync your organizational teams, and efficiently work on daily tasks and assignments for any organization. However, this efficiency could spell serious trouble for the daily operations of your company. This is because data and numbers constantly point to the fact that email attacks are the most common way that attackers breach into an organization. This constant fear of attack is a major threat to not only your company, but to all of the employees and customers associated with it. Email attacks affect not only the user compromised, but everyone associated with that account and everyone functioning on that network. With this in mind, here are 9 important tips to defend against email cyber attacks. 1- Deploy an Email Security Gateway Adding an email gateway with multiple layers of technology is key to defending against nefarious attackers. These security gateways can include but are not limited to the following; anti-malware, anti-spam, and advanced content filtering programs. Implementing these controls will minimize the phishing emails your employees are exposed to. 2 – Lock Down Email Content (As Much As Possible) Strict policies on the content your employees may receive on company email is a great step to take to maximize defenses against attacks. You must carefully consider your inbound email policy, and set rules appropriate for your organization. This will likely include quarantining or flagging all executable files, including Java, Windows Script, Java Script, and more file formats. 3 – Block or Flag Macros This tip is vital for your organization when it comes to Microsoft Office documents, and ensuring the safety of the documents sent to your employees. Always ensure macro protection is enabled, and that employees are aware of all potential threats in this vein. 4 – Keep Client Software Fully Patched Keeping all of your software fully patched and updated is a key tip to practice for any organization’s safety and use. Making sure all applications and software are fully updated will maximize the safety of your programs, devices, and the employees that use them. Updates usually involve bug fixes, exploit patches, and other valuable changes that you will want in place. 5 – Disable both Windows Script Host and PowerShell on as many Endpoints as Possible LMany email-focused attacks focus on Windows Script and PowerShell. Scripts for attacks are usually written in .vbs, .js, and PowerShell. Disabling these formats on the maximum amount of endpoints will minimize your chance for compromise. 6 – Check Potentially Malicious Links with Email or Web Gateways Checking “phish-y” links and emails with gateways will make sure an unsuspecting victim within your organization doesn’t compromise your entire network. Checking all potentially damaging links is a great step to ensuring that even if attackers get through your filters, they don’t get past all of your defenses in place. 7 – Deploy Anti-Spoofing Technologies Anti-spoofing technologies in place at your email gateway is important to cutting attacks off at the knees. Doing this, and implementing techniques to detect “domain misspellings” is a great step to defend against phishing and other BEC (Business Email Compromise) attacks. 8 – Ensure Advanced Processes for Approval of Financial Payments Don’t allow users to make financial payments on your network without approval or other authorization steps. This tip will prevent user-error to the fullest extent possible, and should stop most payments to attackers even if they manage to outsmart your employees and other defenses. 9 – Educate Users About Email Attacks This is the most important tip to remember. As a cyber security pro you will be able to detect email attacks from a mile away, but not everyone can see the signs as clearly as you. The overall education and awareness of all your employees for potential attack signs is the best way to prevent against the majority email attacks, especially those involving social engineering. PlexTrac Author At PlexTrac, we bring together insights from a diverse range of voices. Our blog features contributions from industry experts, ethical hackers, CTOs, influencers, and PlexTrac team members—all sharing valuable perspectives on cybersecurity, pentesting, and risk management.
The CVE Program Regains Funding: A Critical Juncture for Global Cybersecurity If you’ve spent any amount of time in cybersecurity, you’ve likely encountered the CVE (Common Vulnerabilities and Exposures) Program. It’s a foundational piece of how we identify and talk about... READ ARTICLE
What the CVE Funding Scare Exposed About the State of Vulnerability Management The CVE program is vital, but recent events are a reminder that security strategies must go far beyond known vulnerabilities. The potential defunding of the CVE (Common Vulnerabilities and Exposures)... READ ARTICLE
Introducing PlexTrac for CTEM: Proactively Manage Exposure Risk Gartner’s Continuous Threat Exposure Management (CTEM) framework is all the rage right now. Everyone’s talking about the need for continuous security testing and tossing around “CTEM” as the buzzword. But... READ ARTICLE