Due to the popularity of email in the business world, it’s an extremely popular method of attack for hackers. They can easily send countless messages to targets all over the world with the click of a mouse. Therefore, you have to take email security very seriously. The repercussions of not doing so could be swift and severe. This week’s tip is dedicated to informing your employees of email best practices for the office environment.
Passwords might not be the most convenient way to keep accounts secure, but they’re certainly one of the most popular. It’s a best practice to keep different passwords for each of your different accounts, but your employees won’t see it that way. They’ll see it as an inconvenience at best, and it takes more than just simple passwords that are easy to remember to keep your organization’s data safe.
Too many users simply enter some personal details about themselves, add a significant number, and click done, thinking it’s an appropriate password for them. Hackers and cybercriminals know this, and they try to take advantage of it any way they can. This includes looking up sensitive information about the target that they might find on an employee’s personal Facebook page. These kinds of social engineering tactics can be used to dig up dirt on just about anyone in your organization, providing hackers with just enough information to make targeted attempts at guessing passwords.
So… if your password is based on your dog’s name and the year you were born (and both of these can be found on your page), it’s likely that a hacker can use common tools at their disposal to hack your account. This issue compounds when the password is used for multiple accounts.
This issue can be resolved easily enough through the use of a password manager. These applications can store passwords in a secure, encrypted vault and call them only when they are needed. Depending on the email application used, employees might not even really think about their email passwords because the app doesn’t always ask for them, making it difficult to keep passwords top of mind.
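The weak pattern described above (a pet’s name plus a birth year) can be caught at the moment a password is set. The following Python check is an added example, not part of the original post: it flags passwords that contain details from a user’s profile, even when disguised with common character swaps. The profile fields, the substitution table and all sample values are assumptions constructed for illustration.

```python
import re

# Common look-alike substitutions undone before comparison (assumed mapping).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def personal_tokens(profile):
    """Split every profile value into lowercase word and number tokens."""
    tokens = set()
    for value in profile.values():
        for tok in re.findall(r"[a-z]+|\d+", str(value).lower()):
            if len(tok) >= 3:
                tokens.add(tok)
            if re.fullmatch(r"(19|20)\d\d", tok):
                tokens.add(tok[2:])  # two-digit year, e.g. "1987" -> "87"
    return tokens


def check_password(password, profile):
    """Return the personal details found inside the candidate password."""
    raw = password.lower()
    normalized = raw.translate(LEET)  # "r3x" becomes "rex"
    hits = []
    for tok in sorted(personal_tokens(profile)):
        # Numbers are matched before the swap table turns digits into letters.
        haystack = raw if tok.isdigit() else normalized
        if tok in haystack:
            hits.append(tok)
    return hits


# Constructed sample profile: details of the kind visible on a public page.
SAMPLE_PROFILE = {
    "first_name": "Jordan",
    "pet": "Rex",
    "birth_date": "1987-06-14",
    "city": "Oneonta",
}

if __name__ == "__main__":
    for candidate in ["Rex1987!", "R3x_87", "J0rd@n2024", "violet-cactus-tram-42"]:
        found = check_password(candidate, SAMPLE_PROFILE)
        print(candidate, "->", "REJECT " + ", ".join(found) if found else "ok")
```

An empty result only means no profile detail was found; it does not replace length and reuse checks.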
Two-factor authentication (2FA) is a method used to augment password security by requiring a secondary code to access accounts or information. 2FA works by automatically generating a new passcode that is sent to a secondary email address or phone number each time you try to log into an account. These types of solutions make it so that a hacker needs much more than just your original password. They need access to all of your mobile devices and other accounts, too, making the effort to access your account more trouble than it’s worth.
Stop Clicking on Links and Attachments
If you receive an email and it has a link or attachment, your first instinct might be to click on it. Unfortunately, this habit can lead to a hacking attack, as scammers understand that the urge to click on a link or attachment can be somewhat compulsive. An intern and a CEO alike could make such an easy mistake, making this an effective method of spreading viruses and malware across systems. These phishing attacks can be tricky to identify, but there are certain giveaways that can make it easier. Links to external sites that are unrelated to the subject matter, poor spelling and grammar, and suspicious email domains are a few examples. Always make sure you trust the sender before downloading an attachment or clicking on a link.