One of your many responsibilities that you have as an IT administrator is to protect your corporate infrastructure from spam emails and phishing scams by verifying that such emails messages never enter an employees inbox as well as educating employees against online scams.
As a company grows so do the numbers of employees and email accounts. As a result, the IT administrators responsibility to keep spam and phishing email from entering the corporate network increases exponentially.
It is widely accepted that huge part of our increasingly sophisticated life style nowadays is email. Most of us use email to communicate good or bad news, do business, exchange information etc. An email address is so easy to acquire that almost everyone on the planet has one.
As trends go, we are shown again and again that once an invention gains in popularity, it gets to a point where it can become a danger and in turn can work against us as well as hurt us through the form of internet fraud.
I, for one, am not afraid of the fact that we depend so much on email. I am not afraid that email has become a source of revenue for some of us. I am not afraid that we all have an addiction to messages that come in at the speed of light, nor am I afraid that to some extent email is now part of us and what we do on a daily basis. What scares me is our lack of awareness of the damage that can occur if emails are misused against a corporation, its network infrastructure or the employees of the company. I’m afraid we have misjudged how emails can affect our lives.
Due to email phishing, corporate employees can inadvertently divulge the company’s bank account information, company passwords, the names of their loved ones, employee birthdays as well as their own social security number etc. The list is long and the consequences of such information leaking have the potential to ruin a life to the point of starting all over again. This issue is so severe that the United States Social Security Inspector General has come out and warned the public to protect themselves from fraudulent “phishing” scheme as well as a dedicated website to report phishing.
As IT administrators who know about the potential dangers of email, it is your duty to educate corporate employees about the nature of spam and phishing emails and how to avoid them. It is important to divulge in great details the dangerous side of email so that employees can comprehend and be aware of their use/misuse.
I am not trying to say that email is a bad way to communicate or that we should stop using it. Email has become an indispensable part of our daily lives. What I mean to say is that not all the messages that come into our inbox are helpful. In order to have a clear understanding of how to differentiate good emails from bad emails, we must first understand what spam and phishing emails are.
1- What is a SPAM email?
Spam has multiple functions and forms but is generally defined as a message that is sent to numerous people soliciting them to make a purchase on a website. The spam email may display a list of items that your colleagues never asked for or have a particular interest in.
Spam messages may also take the form of simple “welcome” messages, inviting your company’s employees to click on a link and visit a website which is owned by the individuals and / or companies that are sending the spam messages.
Spam emails have also been used to sell free software to individuals who are not aware that software such as Google Earth is actually available to download at no charge from Google’s own website.
Spam comes in many different formats in an employees inbox and is designed to attract the recipients attention with images of low priced products, flashing numbers and / or offers that are too good to be true.
How can SPAM cause harm?
The first rule of thumb as an IT administrator is to continually teach company employees to detect and deal with dangerous spam within their inboxes so that the corporate network stays secure. Harmful spam emails are the ones that have links which encourage users to click on. These links will often lead employees to think they will get casually browse the promoted website, but just one click can completely open your corporate infrastructure into the hands of hackers. While an employee waits for the link to open, malicious programs can be installed on their computer to sniff out data and sensitive information all the while relaying these files back to the spammer.
Employees who click on such links within the spam email can also install a virus on their computer, potentially causing a major impact on internal servers (data loss). Some viruses may even reformat an employees computer putting more pressure on limited IT resources. In some cases if the damage is already done and no anti-virus or anti-malware can help.
The best way to protect your corporate infrastructure and the employees from dangerous spam email is to be proactive with an anti spam filter and spam protection.
2- What is a PHISHING email?
Phishing scams are generated by the same techniques as spam but the difference is that it has bait. A phishing email is designed with hopes that the user who is reading the messages will provide the information that is requested, i.e.: email address, password, bank account number, social security number, date of birth, as well as other sensitive information which could include corporate passwords. I work in the email security field and I have seen a lot of inexperienced users provide account information and passwords to the wrong hands. I hope that neither you nor your employees were one of the many individuals who were taken by cyber criminals.
Educate the employees of the company how to recognize phishing email messages. Ask the employees to be responsible of their actions and to think twice before they open an email, click on a link or open an attachment because the consequences might be very serious not only to them but their colleagues and the company as a whole. A great example is to let them know that if their bank is asking for their personal information, they should pick-up the phone and call the bank but do NOT reply or click on any of the links within the email.
Make sure the employees of the company understand that no legal institution will ask for sensitive information by email. Encourage strong passwords and give them tips on how to protect themselves.
Included below is a YouTube video that was put together by the Google privacy team on how to avoid phishing scams. This video will help educate company employees on how they can protect themselves against online scams.
If you have any questions or need assistance protecting your corporate infrastructure against spam, phishing email, email scams or if you like to see how Vircom’s award winning Anti-spam and Anti-virus Filtering can provide you peace of mind protection, fill out a free trial form or contact us.
We’ll take the time to audit your current solution as well as work with you to provide a more robust anti-spam, anti phishing and virus filtering solution for your exchange servers ensuring you look good in front of senior board members.
Secure your corporate infrastructure, Get a modusGate or modusCloud 30 day free trial and you’ll be on your way to that promotion we both know you deserve.
Our 24 / 7 customer support team will handle any issues that may come up so that you can sleep peacefully at night knowing your corporate infrastructure, network and employees are protected against spam, phishing scams, malware, viruses and online scams.
Leave a Comment