Just like a good fisherman, hackers know how to use bait to trick their victims to bite the hook. The hacker’s goal is to get information out of his victims. The Anti-Phishing Working Group (APWG) tracks and studies incidents of phishing fraud, and states that there were more than 1.2 million phishing attacks launched in 2016, an increase of 65% compared to 2015. We can expect that in 2017 there will be even more attacks, costing companies billions of dollars.
Examples of phishing could be someone posing as a bank trying to get your personal information in an attempt to steal it. It could also be someone impersonating your HR Department trying to confirm your bank account, address, or any other type of sensitive information. Here is an example of financial phishing with a fake email from the “IRS.”
At a glance this email looks legitimate. There is an IRS logo, which makes it look like it came from the Department of the Treasury. The complexity of the email causes the reader to skim over the content for important information. The focus becomes the message, not necessarily the authenticity. When the victim sees the possibility of getting money from the IRS easily, it is very tempting to bite and click the link. But take a look a close look at the strange address from which this email was sent. This is something that is easy to miss while skimming. Many people would see this email as legitimate and would likely click the link.
When employees click malicious links, it can cost companies millions of dollars and many days to rectify the consequences. Just by clicking the link you expose yourself, your bank account, and other people within your company to risk. This visualization shows the monetary consequences of phishing and other cyberattacks.
The damage caused by the phishing and cyber attacks outlined above cost businesses 12.5 million dollars, and took 23 days on average to recover from a cyberattack. These attacks started when an employee clicked on a phishing attack that was sent to them through their email.
One of the world’s biggest crude oil producing companies, Rosneft, was a victim of a cyberattack in June 2017, when “a virus got into computer systems via ‘phishing’ emails written in Russian and Ukrainian designed to lure employees into opening them.” This infection not only shut down the company, but several other institutions such as banks, European businesses, and even an American drug manufacturer. This malicious infection cost the company and others millions of dollars.
Now imagine if one dangerous phishing email landed in the inboxes of one thousand of your employees. Chances are that at least a few of them would click on it, potentially exposing sensitive information and, even worse, infecting your network with various types of ransomware that could hold your entire company hostage.
How to Protect Your Employees and Company from Phishing
You can improve your company’s security by informing and training your employees about phishing schemes, the dangers of opening links from unfamiliar sources, and other ways to avoid viruses. Unfortunately, informing is not enough with today’s threats. The best protection is to prevent the threat completely with cutting edge security. Ideally, your antivirus solution will make sure infected emails never reach employee inboxes. However this is difficult to achieve because there are at least 400,000 new types of malware created every day. Additionally, a security program’s filtering policy that is too strict will stop legitimate emails from reaching your inbox. It’s important to have an adaptive solution that acts as a gateway between your email server and incoming and outgoing messages.
Micro Focus Secure Messaging Gateway
Micro Focus Secure Messaging Gateway, (formerly known as GWAVA 7) provides an all inclusive anti-virus, anti-spam, email filtering security solution with zero-hour protection, which eliminates downtime and decreases vulnerability. Instead of manually updating the system, Secure Messaging Gateway is always connected to a library where virus and malware definitions are updated every hour. This keeps your email security up-to-date and keeps malware out of your employees’ inboxes without the need for constant software updates, and without impeding important emails. Secure Messaging Gateway provides these features, and more, for Microsoft Exchange, Office 365, Gmail, GroupWise, Lync and IBM Notes.
The latest release of Secure Messaging Gateway is available now and includes the following features and updates:
- Anti-virus, anti-spam, and email filtering for Microsoft Exchange, Office 365, Gmail, GroupWise, Lync and IBM Notes
- A new upgrade path from GWAVA 6.x to Secure Messaging Gateway
- Support for DomainKeys Identified Mail (DKIM) for sent and received email
- Automatic updates to the system on the last Thursday of each month
- Complete protection of your GroupWise system, intercepting all messages passing through GroupWise MTA, POA, WebAccess, and GMS (GroupWise Mobile Server) and ensuring they are free of viruses, spam, and malware
- Micro Focus branding
Learn more about the new release of Secure Messaging Gateway by listening to our webinar!