Email Security

In light of cybersecurity awareness month, kindly ensure prompt completion of the Security Awareness module in BisTrainer.

Emails are often used to spread malware, spam, and phishing attacks. Attackers use deceptive messages to entice recipients to part with sensitive information, open attachments, or click on hyperlinks that install malware on the victim’s device.

Email platform is a common entry point for attackers looking to gain a foothold in an enterprise network and obtain valuable company data.

What NOT to Do With a Suspicious Email
Identifying suspicious emails is essential to keeping your organization safe from cybercriminals. But did you know that mishandling a phishing attack could be just as dangerous as falling victim to one?

Here are some examples of what NOT to do when you receive a suspicious email:

• Do not reply to the email for verification. If you receive a suspicious email that appears to be from someone you know, you may be tempted to investigate further. Replying to the email with questions like, “Have you been hacked?” or “Is this attachment safe?” only increases the security risk. If an email account has been compromised, the person who replies to your question probably won’t be who you expect. You could be communicating with a  cybercriminal in disguise.
• Do not forward the email to someone else. The best practice is never to click a link or open an attachment you were not expecting. Never forward unusual or suspicious emails to other users. If you forward a phishing email, you increase the risk of a security breach because it helps cybercriminals reach more potential victims.

What should I do with a suspicious email?
The best way to handle a suspicious email is to use the Phish Alert Button (PAB) .

Your cybersecurity specialists can assess and mitigate the threat if you report a suspicious email.

If you don’t know how to report the email, leave it in your inbox and ask a manager or supervisor for help.

If you’re unsure whether an email is spam or a phishing attack, report it and let the experts decide.

How to secure your emails

• Use strong passwords that are unique and have password complexity.
  A secure password is practically impossible to guess without previous insight. Hackers use specific password-guessing software that runs through millions of combinations – the more complex the password, the more time it takes for the software to decode it.
• Change Email password often.
  Regularly change email passwords (every 90 days) but if you suspect a breach, change immediately and contact Manitoulin Group of Companies
  IT team.
• Use two-tier authentication(2FA)
  This is a surefire way to add an extra layer of security to your inbox. Major email clients have the 2FA option built-in, so you can easily enable it. It makes hacking much more difficult for cybercriminals as even if a hacker manages to retrieve the password to your account, 2FA will block them by requiring a code texted to your phone.
• Watch out for phishing emails.
  It’s important to keep your eyes peeled for suspicious messages. Phishing is a common method used by hackers to take advantage of a recipient. These emails can goad recipients into sending the hacker money or their personal information.
  • Learn how to recognize phishing:
  • Messages that contain threats to shut your account down
  • Requests for personal information such as passwords or Social Security Numbers
  • Words like “Urgent” (false sense of urgency)
  • Forged email addresses
  • Poor writing or bad grammar
• Use anti-virus software on your local machine, and keep it up-to-date with the latest virus definitions.