Skip to main content

Inbox Threats: Addressing Business Email Cybersecurity Threats

By May 17, 2016Article

While most business owners and analysts remain indecisive when it comes to possible advantages and disadvantages of the Internet of Things, one thing that is universally acknowledged, and considered as an inevitable aspect of this rapid progress is the rising number of security threats. More than 100 billion emails get exchanged on a regular basis. Approximately 23 percent of this astonishing figure is business emails. And with this number growing five percent on an annual rate, email scams are becoming a very real and a very expensive threat as well. 

The majority of small business owners, and even executives of somewhat larger enterprises, are already investing in or are planning to invest in their cybersecurity. However, as many as 40 percent of decision makers do not consider their cyber safety to be that important, according to a PwC report. In reality, the number of threats is on constant rise, and business owners should be well aware of the possible threats, including the ones lurking in their very inboxes. 

Web attacks, phishing malware and ransomware 

There are roughly 800,000 Web attacks happening on a daily basis. And depending on your company size, you are bound to receive a malicious malware in your email sooner or later. Although small businesses receive potentially malicious messages at a rate of one email in every 128 messages exchanged, this seemingly comforting statistic hardly separates SMBs from large enterprises.

Believe it or not, if you are working in a company employing 20 or fewer people, the probability that you will end up as a target and get exposed to a cyberthreat is higher than it would be if you were working for a company that employs a thousand people. 

This is why it is crucial for all business owners to take their cybersecurity in all seriousness and spread awareness among their workers about the potential attacks. The latest reports from Symantec confirm that one in every 1,700 emails contains a piece of phishing malware. Phishing malware is currently one of the most dreaded threats, and it is distributed through emails and seemingly credible links that are meant to deceive the user in order to extract information and vital data. 

In some cases, this type of malware can even lock the user’s information until a ransom is paid. This type of malware is called ransomware. However, there are even more emerging techniques that the business world will have to learn about in order to keep their online commerce and correspondences safe. 

Rising risks and the price of a cyberattack 

On a global scale, cyberattacks cost companies as much as $400 billion dollars per year. And they can happen almost to anyone. Last year, we witnessed one of the largest, and possibly the most dangerous breaches, so far: a breach in the Department of Homeland Security, as well as the FBI and IRS, which resulted in 29,000 records stolen. 

While the general public is more or less aware of various threats that are lurking online, company executives and business owners have a responsibility to stay informed about the latest trends and possible dangers in the world of IoT. 

Recently, the FBI published a press release warning business owners and executives about the alarming growth of email threats, in a form of business email compromise scams. Since January 2015, the FBI has documented a 270 percent increase in the number of victims affected by this threat in particular. 

In the United States alone, companies lost a total of $1.1 billion across the past eight months, due to whaling attacks, filed through a total of 17,642 reports from companies of various sizes. This type of threat, called the “whaling scam,” or the “BEC” and the “CEO scam,” as they are popularly referred to, is one of the most common types of scams because of an obvious reason: It is by far the most lucrative type of a con that a hacker can employ. Sums vary across industries and depend on the size of the company; but amounts as high as $700,000 were lost due to this type of somewhat elaborate scam. 

Addressing the threat 

Recognizing potentially malicious email can sometimes be a difficult task. But from the reports filed, we can conclude that there are some protective measures that can help you significantly in keeping your inbox clean from cyberthreats:

  • Register all Internet domains that are similar to your own company domain. In this way, you will ensure that no one can use similar website addresses and potentially misuse them.
  • Use a two-factor method of authentication when you transfer funds and make sure that you’ve authorized every large transfer via phone and email. This should be your standard operating procedure so that you can be sure that your employees won’t be scammed into transferring funds without your approval.
  • Establish a transparent CRM system that will help you monitor the habits and details of your clients. In this way, your staff will have no trouble noticing anything out of the order.
  • An intrusion-detection system is also an alternative that you might want to look into. This system can help you tag email addresses that are similar to your own website address, marking them instantly. 

With so many businesses moving online, we can definitely expect a rising number of threats as well. It is only logical. And as we have established, all companies of all sizes can be affected by a cyberattack. Statistically, it is just a matter of time when your inbox will receive a transfer request that you are not aware of or a suspicious link that might just catch you off guard. 

Do not allow yourself to be caught off guard. 

James D. Burbank is an independent technology writer and editor-in-chief of BizzMarkBlog. He has spent years in the trade show industry, helping Australian businesses exhibit in parts of the world such as Southeastern Europe and Central Asia.