Blogs and Posts

Tips for Better Email Security
- By: Garry Feldman
- Date: February 17, 2016
Security is the foremost concern in the strategy and development of IT networks and support. Balancing the need for more access with the security holes that access can leave is difficult. That is why it is important to focus on the most used of theses portals into our network: email.
Email Scams
So as a C-level corporate executive or assistant of a company, you receive an email from your CEO to transfer funds from your company to an account for a payment or other reasons. You dutifully transfer the funds as requested only to find out that they were actually transferred to an offshore account owned by foreign hackers. The company has lost millions. So what happened?
Hackers compromised your email system and appropriated the account of a c-level employee. This is becoming a more common occurrence. The FBI estimates that criminals have netted nearly $750 million between October 2013 and August 2015 by compromising 7,066 companies.
How the Hack Works
Hackers don’t even need to take over your network in order to do this. They simply use a process called spoofing. Spoofing is a way to make an email appear to be sent from inside your security firewall and from your internal email server. It makes it very difficult for any email protection systems to spot these emails as a scam because spoofing tricks the system into thinking that the emails are coming from the inside.
Be Careful of Email Attachments
A key way to fight email hacks is to educate users about phishing scams and the dangers of clicking on email attachments from untrusted sources. This is how hackers are able to get the information about the business networks that they can then use to compromise your email system. The best thing you can do is deprive hackers from this information in the first place.
Two-Step Authentication for Large Business Transfers
Another method that can be used is a two-step authentication process for fund transfers from C-level employees. The way a two-step system works is that along with the email, a numeric or other type of code is sent from an independent source. Depending on your company’s preferences, there are a variety of applications which deploy two-step authentication procedures.
In order for the transfer to go through, it must first be placed, then the authorization code must also be sent along with the request. Without the correct code, wire transfers never happen, and the money is never lost.
Two-step authentications can also be used prior to this by having your email login process require this feature. Without the correct code, your system will be alerted to an unauthenticated email that can be disregarded.
Trust U.S. Computer Connection for Your Help with Your IT Strategy
If you are planning on setting up a two-step system for your company or have other security consulting needs, contact the experts at U.S. Computer Connection today.
White Papers
-
Ransomware E-book
The Business Guide to Ransomware.
-
IT Move: Soup to Nuts
Take a look for IT Move Project Planning.
Blog Archive
Blog Archives
- June 2019 (1)
- May 2019 (1)
- April 2019 (1)
- December 2018 (1)
- November 2018 (1)
- September 2018 (1)
- August 2018 (4)
- July 2018 (5)
- June 2018 (7)
- May 2018 (5)
- April 2018 (5)
- March 2018 (5)
- February 2018 (4)
- January 2018 (5)
- December 2017 (6)
- November 2017 (5)
- October 2017 (6)
- September 2017 (6)
- August 2017 (4)
- July 2017 (4)
- June 2017 (6)
- May 2017 (4)
- April 2017 (6)
- March 2017 (4)
- February 2017 (5)
- January 2017 (5)
- December 2016 (5)
- November 2016 (5)
- October 2016 (4)
- September 2016 (6)
- August 2016 (4)
- July 2016 (7)
- June 2016 (7)
- May 2016 (6)
- April 2016 (5)
- March 2016 (7)
- February 2016 (5)
- January 2016 (5)
- December 2015 (6)
- November 2015 (1)
- October 2015 (2)
- August 2015 (5)
Categories
- Backup and Disaster Recovery (12)
- Business IT (73)
- Security (5)
- Security Tips (71)
- Training (35)
- Uncategorized (5)
- Webinar (28)