Surely you may have at one time or another received an email warning of an outstanding invoice, a parcel shipment that you did not expect or a warning from the bank about suspicious activity in your account. These messages usually adopt an alarming tone and provide you with a link to a website that you must visit right away to verify your personal information or to complete payment information. Caution! This is a “phishing” attempt, one of the most popular scam methods on the Internet!
Now that most people are familiar with and thus able to avoid standard phishing attacks, malicious actors have shifted to something more insidious. Email spoofing is an attack in which attackers impersonate someone the target knows, is a much more subtle way to compromise a user’s credentials or device. Like phishing, however, once you know the signs of a spoofed email and train other users on how to spot them, addressing the issue is often straightforward.
It’s the holiday season again, which means family gatherings, good food, and plenty of toasts. It also means a lot of online activity—buying gifts, getting promotional offers, booking deliveries—all of which mean a continuous flow of emails sent to your personal and business accounts. With so much going on, even experienced users can accidentally fall prey to one of the many “hooks” that cybercriminals are putting out there.
We live in a world where 83% of security professionals believe that employees have accidentally exposed customer or business-sensitive data at their organization via email (Business Wire). This sheds light on a great vulnerability faced by MSPs and internal IT businesses worldwide: once you share critical information with your end users, that data is no longer in your hands, hence your security does not extend to it anymore. If only there was a way to prevent that! Luckily, there is.