Emails are part of every business in today’s world, but it is also one of the biggest security risks. BEC (Business Email Compromise) is rising every year. In addition, it is becoming common for criminals to use different phishing and spoofing attacks to probe organizations. In recent years, Ransomware has been growing rapidly and poses a greater risk to companies. What you don’t know is that email is a common entry place for Ransomware.
But no need to worry about this. There are some countermeasures to this issue. These email security practices can go a long way for organizations from several threats. Here are some best practices to avoid Business Email Compromise:
Use Strong Passwords
It would be best to use strong passwords that meet the following criteria:
- It must complete a minimum length requirement.
- It must contain letters and numbers.
- It must contain both lowercase and uppercase letters.
- It may not have full name data.
- It should not be a commonly guessed password like 123456 or abcdef.
Use 2FA (Two-Factor Authentication)
Many people think that only professionals can do 2FA, but it is not a difficult task. It is more like adding another shield to the account. Thankfully, almost every platform offers 2FA, but you can use another email provider if your system doesn’t support it. Also, if a hacker guesses your password, 2FA will stop them from entering before they get a sneak peek of your emails. Usually, two-factor authentication codes are sent to you by email, SMS, voice calls, or OTPs.
Be Careful of Suspicious Attachments
Nowadays, file sharing in the workplace mostly happens via collaboration tools like OneDrive, Dropbox, or Sharepoint. Therefore you should treat every file attachment in the mail suspiciously, even if it is from your colleague. Be more careful about the attached file with unfamiliar extensions or one that commonly delivers malware payloads (.zip, .exe, .scr, etc.).
Never Access Your Emails from Public Wi-Fi
If you take the office devices home or open your work emails from personal devices, do not access emails on public Wi-Fi. It is because cybercriminals can easily discover data passing through publicly accessible Wi-Fi. So, your sensitive data and login credentials both are at risk. Accessing emails is best when you are confident about network security. Opt for a safer option using mobile data or internet dongles outside the office.
Change Password Regularly
Many people keep passwords for years. But it is one of the biggest cybersecurity mistakes. The simplest yet most effective email security practice is regularly changing passwords. You must ensure the following things:
- Have a new email password after every 2 to 4 months.
- Use devices or do it yourself instead of leaving it to other people to update credentials.
- Do not add one of two characters to the current password when creating a new one. Change the entire password.
- Do not use passwords that you already used in the past.
BEC is a criminal phenomenon that has potentially severe consequences. BEC criminals usually live outside the country, so it is difficult for law enforcement to prosecute them. Therefore, prevention and detection are crucial. So, all companies should educate their employees and create an environment encouraging compliance.