The Rise of Email-Delivered Malware
Recent events in the world have once again highlighted the fragility of society. The most serious and alarming of these events is the conflict between Russia and Ukraine. Consequently, the threat from email-delivered malware has increased significantly. Malware and email are closely linked: it is estimated that approximately 90% of malware is delivered through email.
It is widely reported and generally accepted that since the escalation between Russia and Ukraine, cyberattacks have been used to contribute to the destabilisation of Ukraine’s regime and critical infrastructure.
However, every organisation is a potential target for cyber-attacks. Russia is at the forefront of the conversation, but cyber-attacks can be instigated by countless players and range from low-level phishing attacks to destructive attacks targeting critical infrastructure.
The most common form is phishing. Phishing is a type of cyber fraud in which a cybercriminal impersonates a person or company to gain your trust and trick you into performing detrimental actions, such as entering sensitive credentials, giving out internal information or clicking on a malicious link.
There has also been a significant increase in malicious files (e.g. Excel and Word documents) attached to emails, crafted to encourage the user to open the file and compromise their machine. The desired outcome for the cybercriminals is to gain a foothold within your organisation’s infrastructure.
Food for thought:
Cisco’s 2021 Cybersecurity Threat Trends report suggests that at least one person clicked a phishing link in around 86% of organisations. The company’s data indicates that phishing accounts for approximately 90% of data breaches.
Kogo’s recommended actions you should take:
- While you can’t stop hackers from sending phishing or spear-phishing emails, you can train employees so that they are prepared when one is received.
- Training employees on what to look out for can significantly reduce the risk to your business. Train employees to recognise the critical characteristics of a phishing email. Awareness will instil a mindset of scrutinising emails, attachments, and links before taking any further action.
- Check your current security infrastructure and practices: review the cybersecurity infrastructure and security technology you have in place.
- Evaluate users’ cybersecurity awareness training, incident response, reporting and other security policies.
- Implement multi-layered solutions for email security: Sophisticated cyber-attacks like ransomware are evolving day by day, and you need advanced solutions to protect your users and business.
To discuss how Kogo can measure and help improve your security efficiently, give us a call on 01342 333000.