Email is one of the greatest advancements in modern communications. Never before have companies been able to talk to each other in such an efficient and effective manner, allowing this technology to completely revolutionize how business is conducted. What’s more, the usefulness of this form of digital correspondence has enabled an explosion in the number of emails created on a daily basis. The Radicati Group estimated that in 2015, the average business email account sent and received around 122 emails every single day.
Despite the obvious practicality of email, this messaging technology has a major downside in the form of weakened cyber security. In fact, the security woes of email directly correlate to how many messages the average employee receives. People are very often overwhelmed by all the correspondence they get in an average day, which is a perfect opportunity for hackers to utilize this technology for nefarious purposes.
People either don’t realize or forget about the danger email poses to their organization, which can very often lead to some serious consequences. So what should you be looking out for, and what can you do to ensure the safety of your company’s data?
What does an email scam look like?
Nailing down exactly what an email scam looks like is extremely difficult, mainly because hackers are constantly changing their techniques in order to evade law enforcement. However, there are two signs you can look for to determine whether or not an email is on the level.
First, you should ask yourself if something is out of the ordinary. This could include the grammar or words used by a known associate, or an unscheduled payment request from a person who is usually extremely punctual. It’s hard to say exactly what you need to be looking for, but if something smells fishy and the email address is one that you recognize, then there’s a chance the person sending you the message may have fallen victim to business email compromise.
This particular scam involves a hacker gaining access to the email account of someone with a relative amount of authority within a given organization. This could include the account of someone as high up as the CEO or even someone in the payroll department. Regardless, once the hacker has access, he sits back and observes how financial transactions work within the company. Once he understands how the money moves, he’ll jump in and request an unusual transfer under the guise of the employee that he’s hacked.
If he plays his cards right and strikes at the exact right moment, the hacker can very often trick a lower-level employee into approving an unsanctioned transaction right into the cyber criminal’s personal account. Due to the fact that BEC involves the money of entire companies rather than individuals, hackers very often make a lot of money out of these schemes. The FBI’s Internet Crime Complaint Center has stated that victims of these kinds of scams lose an average of $130,000.
While BEC is certainly a major problem, the other aspect of an email people need to look out for is unsolicited help from an outside party. Perhaps the most relevant example of this is the emails sent out following the U.K.’s decision to leave the E.U. This move, which has since been dubbed “Brexit,” caused some financial turmoil when a large portion of the population panicked and began to move their money away from the U.K.
Although the market has since leveled out, there was a time when a lot of people were doing what they could to prepare for a perceived financial crisis. This allowed hackers to send out a massive amount of emails offering financial help following Brexit, according to International Business Times contributor India Ashok. Of course, none of these messages were actually intended to help people, instead linking away to malware that could infect their system.
The big lesson here is that unsolicited help or advice from an unknown email address should be viewed with extreme caution. No one would ever give you a service for free in real life, and they certainly won’t be doing it online. That said, exactly what kind of malware should you be worried about?
Ransomware is a big problem
Although there are multiple different forms of malware that can infect your company’s computers, one of the worst variations is ransomware. This is because ransomware both looks extremely frightening and has the capability to completely disrupt your business. What’s more, Trend Micro has noticed that ransomware campaigns are very often distributed through email, which means they can strike anyone at any time.
Many of these attacks masquerade as law enforcement messages. The FBI has stated that hackers behind ransomware scams will say that they are from the FBI or the Department of Justice and that they have detected something like child pornography on the victim’s computer. Such an accusation can absolutely ruin someone’s life, which prompts people to quickly pay the ransom required to get back access to their data.
However, this is only half of the problem. The other side of this is the fact that ransomware is quickly becoming more advanced. In fact, this malware is no longer just targeting individual computers, instead going after entire networks. MedStar Health, a health care organization operating in the area surrounding Baltimore and Washington D.C., became the victim of such an attack in March 2016.
According to The Washington Post, MedStar Health’s network was hit by a ransomware attack that affected the systems of 10 hospitals and more than 250 outpatient facilities. Although some quick thinking enabled IT professionals to compartmentalize the infection, a large portion of the company’s network was affected. The attack became so bad that patients had to be sent to other facilities that could access their medical data.
Due to their reliance on health care records to treat patients, hospitals and other medical facilities are prime targets for ransomware attacks. However, any organization can fall into the cross hairs of a hacker. Downtime is extremely expensive, and company leaders often see paying a ransom as a small price compared to the loss of revenue they’ll receive due to the inability to access important data.
How can you prevent these kinds of attacks?
Although hacks can be scary to think about, they can be prevented if administrators take the time to train their employees on mitigation techniques. First, it’s vital that officials ensure their workers are creating long, strong and complex passwords for each of their company accounts.
One of the easiest ways for an organization to fall victim to BEC is to have an employee that uses an easy-to-guess phrase such as “password12345” as their sole line of defense against hackers. A good recommendation is to take an entire phrase and condense it down into letters. So, something along the lines of “I love my cat but I hate cleaning his litter box” could make a password like “IlmcbIhchlb09” with the last two characters perhaps being some random numbers you’ll easily remember. The silly nature of this phrase means you won’t forget it, but its complexity also means a hacker won’t be able to guess it.
Ransomware, on the other hand, is a little more tricky. While employees should obviously be trained to avoid clicking on links from addresses they don’t recognize, this is easier said than done. In fact, hackers have even begun to spoof email addresses, which means a message may look exactly like something a coworker would send, thereby increasing the chances someone will click the attachment.
Therefore, it’s vital that every company invest in a robust data backup routine. Not only are these services absolutely necessary to mitigate the risks of data loss through physical destruction of IT systems, they also allow you to lessen the blow of a successful ransomware attack. An infected computer will still have to be wiped, but utilizing backup means that the data contained on the machine can be easily recovered.
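A spoofed sender address like the ones described above can look identical to a coworker's in the mail client, but the message headers usually tell a different story. The following is an added example, not part of the original article: a small Python triage check that flags messages claiming to come from the company's own domain. It assumes the receiving mail server stamps an `Authentication-Results` header; `example.com` and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the organization's own mail domain (placeholder value).
COMPANY_DOMAIN = "example.com"

# Constructed sample: display name and From address imitate an executive,
# but replies are redirected elsewhere and sender authentication failed.
SPOOFED = """\
From: "Pat Lee (CFO)" <pat.lee@example.com>
Reply-To: pat.lee@examp1e-mail.test
To: payroll@example.com
Subject: Urgent wire transfer
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=bulk.test; dkim=none; dmarc=fail header.from=example.com

Please process today.
"""

# Constructed sample: the same sender, delivered through the real mail system.
LEGIT = """\
From: "Pat Lee (CFO)" <pat.lee@example.com>
To: payroll@example.com
Subject: Q3 schedule
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com

See attached schedule.
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw):
    """List the reasons a message that claims to be internal looks spoofed."""
    msg = message_from_string(raw)
    reasons = []
    from_dom = domain_of(msg["From"])
    reply_dom = domain_of(msg["Reply-To"])
    # Replies silently routed to another domain are a common BEC tell.
    if reply_dom and reply_dom != from_dom:
        reasons.append("reply-to domain differs from sender domain")
    auth = msg.get("Authentication-Results", "")
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    if from_dom == COMPANY_DOMAIN:
        for check in ("spf", "dmarc"):
            if results.get(check) != "pass":
                reasons.append(f"{check} did not pass for mail claiming {COMPANY_DOMAIN}")
    return reasons
```

A message that passes these checks can still come from a genuinely compromised account, as in the BEC scenario earlier, so an unusual payment request still warrants confirmation through a separate channel.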
What can you do if you’ve already been hacked?
Sometimes, preventative measures aren’t enough. If you become the victim of a BEC scam and the money is already gone, there sadly isn’t a whole lot you can do. Obviously, you can go through your insurance and attempt to file a claim, but the most important action to take here is to report the attack to the relevant authorities.
One of the major problems the FBI’s IC3 has run into is the fact that companies very often want to keep these kinds of attacks secret. While it may not be a good idea to go completely public with this news, not reporting the BEC scam is playing right into the hands of the hacker. The FBI and other law enforcement agencies are doing everything they can to build a profile of the kinds of organizations affected and tactics used against them, and the only way they can do this is if they have access to all the relevant information.
Similarly, any sort of ransomware attack levied against your organization should also be reported. On top of that, affected organizations should avoid paying the hacker at all costs. Not only is this simply incentivizing the criminal to do this again, there’s also no guarantee that this nefarious individual will give you access back.