Does your business email system have minimum protections in place? There are some simple mail flow rules that can be added to prevent email spoofing, and more advanced techniques to reduce spam. For outgoing email, it’s important to have the correct records in place such as SPF, DMARC, and DKIM to ensure your email doesn’t end up in someone else’s junk box (or blocked entirely).
The Office 365 Security Road map can be found here. These tasks can be overwhelming and sometimes complicated so we recommend against beginners or non-technical users changing any Microsoft Exchange settings, however.
IT Protectorate can review your environment, find areas for improvement, and implement configuration changes to mitigate risk of users being tricked into clicking email. One of the classic cases is someone in accounting receiving an email from the CEO asking to transfer large sums of money into an account. The untrained user may be afraid to question it and just transfer the money as requested…to that prince in a foreign land posing as an executive.
While protecting against everything can reduce productivity, we recommend training end users by presenting them with scenarios such as these and tracking when they fall for the email. IT Protectorate can setup fake email campaigns that track who your problem users are, then we can schedule specific training to reduce the chances of them giving away passwords or transferring money in the real world.
Things like this tend not to be obvious but it is important to have proper checks and balances in place in the digital world. Our focus is on a balance of security and productivity, we’ll be glad to assist in protecting your business data!
Have you or a colleague become the victim of a scam email? This tactic commonly employs fishing (in IT-speak, phishing) where the end user is enticed by some reward such as the “you have an e-card from a friend,” or someone posing as your boss or CEO, even a user from another company. Often, we think that will never happen to us—but what if you are the source?
In the same manner that hackers pose as someone you know, they can also pretend to be you. Sometimes they’re able to hack into someone’s email account and wait for the right moment, such as when a transaction is about to take place. Next, they will “spoof” your email address and change the payment method. Before you know it, another user fell for a fake email from someone pretending to be you, and instead of you receiving payment—the user was directed to pay via some other method and the money ended up in the hacker’s pocket.
There are two scenarios which require multiple solutions:
You are a scam/phishing victim.
Someone is pretending to be you.
We first recommend awareness training, whereby IT Protectorate is able to simulate such emails and send them to your users. This identifies those who need training, and sometimes we are able to identify what types of tricks your users are falling for. It may be as simple as recognizing a change in the way someone speaks/types; instead of making that questionable payment, they call you or their superior first to confirm—thereby identifying the attempted attack and hopefully avoiding a loss to the business.
We are also able to check and add configuration to your email environment that reduce hacker’s ability to pretend to be you or one of your users. This prevents embarrassment and a ding to your reputation.
Finally, we want to make sure your email service provides good spam protection. Not only does this reduce the risk of your business from being a victim of phishing scams, most spam filters also prevent viruses and other malware from entering your system. Another benefit that is often are the reduced junk emails that users receive and open; with a quality spam filter, these emails never make it to the inbox, never get read, and keep you from wasting time opening or deleting it—increasing user productivity.
Elroy is the man behind the scenes; writing posts, checking status of servers, managing networks and endpoints, and enjoying coffee in his favorite spots in Lakeland and Winter Haven, FL.