Employees Must Be Vigilant About Safe Email Practices
With every facet of our lives upended by the coronavirus pandemic, the last thing we need is one more thing to worry about. But the threat of cyber threat actors exploiting the panic and fear this pandemic has triggered is real for employers and their employees. Fortunately, there are tangible and effective actions employers can take to mitigate the risk of phishing scams, so you can focus on navigating your business through these extraordinary times.
During this global health emergency, the line between legitimate information sources and fraudulent reports are dangerously blurry. And cyber threat actors know that this is the perfect opportunity to pounce and exploit individuals and businesses. But through a proactive and vigilant approach, employers can create awareness of this cyber threat and educate employees on how to safely navigate this unprecedented event to avoid being victims of the latest phishing attack.
Phishing emails are used to install malware that can give hackers access to company systems. According to cybersecurity firm Checkpoint, since January 2020, there have been over 4,000 coronavirus-related domains registered globally. Out of these websites, 3% were found to be malicious and an additional 5% are suspicious. Coronavirus-related domains are 50% more likely to be malicious than other domains registered at the same period. That means employers and employees have to be hypervigilant about what appears in their inbox.
Employers can guide their employees in following best practices for safe email communication:
- Avoid opening emails, downloading attachments, or clicking on suspicious links sent from unknown or untrusted sources.
- Never call a phone number included in a suspicious email or reply to the sender.
- Verify unexpected attachments or links from known senders by contacting them via another method of communication.
- Avoid providing your email address, phone number, or other personal information to unknown resources.
- Avoid providing sensitive information to anyone via email, if you must, be sure to encrypt it before sending.
- Be skeptical of emails written with a sense of urgency and requesting an immediate response, such as clicking on an embedded link.
- Beware of emails with poor design, grammar, or spelling.
- Ensure the “sender name” corresponds to the correct email address to identify common spoof tactics.
- Never open spam emails; report them as spam and/or delete them. Do not respond to spam emails or use included “Unsubscribe” links, which will confirm your email address is active.
Furthermore, organizations are strongly encouraged to conduct ongoing training sessions to educate and inform personnel about cybersecurity threats and the best practices to minimize them. Also, it is highly recommended that employers set up and promote their internal compliance phone and/or email address to report any suspicious emails.
This is an extraordinary time, which requires extraordinary measures to navigate safely and successfully. The coronavirus pandemic has created uncertainty, which can be overwhelming for employers to navigate. Through this ambiguity, we hope that the above steps provide clarity to employers on tangible actions they can take to protect themselves and their employees from cyber threats as the world focuses on containing this pandemic.
If you’re seeking guidance on protecting your company against cyber threats, contact us.