Defending your data network against viruses, malware, ransomware, and other threats is a never-ending battle. Some attacks can be very sophisticated, using extremely complex techniques to try and exploit even the most secure networks. However, the vast majority of threats to your network – over 80% – are delivered through a very basic method: email.
Email is a common tool that many of us use constantly at work. Oftentimes, we use it without giving much thought to what we’re doing or what we’re opening.
It’s normal for co-workers, clients, or new prospects to communicate and share files with us via email. The file can be a document, spreadsheet, PDF, etc., but the fact is that it’s common and repetitive to us.
Like anything we do frequently, we can develop muscle memory. Think about the program guide on your TV – you probably navigate the menus without thinking. After an update or a provider switch, those menus can change and you might click the wrong buttons out of habit. No harm there.
But consider making the same mistake when a document is sent to you. The message arrives, and you briefly glance at who it’s from. Maybe you recognize them, maybe you don’t. You see an attachment, and you open it out of habit. The file is infected, and in less than a second, the damage has begun.
Like it or not, the people who are attacking your systems are running a business. Like any business, they are concerned with the return on their investment. Developing high-end, sophisticated attacks takes time and skill, which is expensive to do.
However, minimal skill is required to send an email – and that process can be replicated to hundreds of thousands of users with a simple click of a button. And almost everyone working today might accidentally open an email with little to no thought.
For small businesses, having a firewall, an email filter, and anti-virus software is a must. We can help install and maintain that infrastructure. Unfortunately, the methods that attackers use to slip under your defenses are always changing.
It is important that you and your staff – the end users who do the clicking – still do your part and remain vigilant. Attackers send such a high percentage of attacks through email because of that human element. It works.
It’s essential that you fight your muscle memory and treat email like physical mail. Look at what is being sent, who it is from, and if there is anything attached. If anything seems off, do not open it. Always err on the side of caution.
Also, if you do open something you shouldn’t, it’s better to notify your IT department or provider of a potential issue so they can look at what you were sent.
Often, I have observed someone get a suspicious message, open it, notice something is not right, then forward it to a co-worker for help. By sending the message on, there is a potential to increase the scope of damage done.
Those looking to do harm and steal information will always try the path of least resistance. All the security in the world can’t stop an intruder if you open the door for them.
The same caution you take at home when an unexpected knock is heard should be how you handle all email. Consider the source and content, and if you have doubts, don’t open the message. Delete it.
Malware will never be fully eradicated – cybercriminals will make sure of that – but you can do your part to make sure you do not infect your PC or business.