Businesses have been forced to change their working practices as a result of COVID-19. The lockdowns introduced by governments around the world have meant businesses have had to rapidly change from an office-based workforce to having virtually everyone working remotely.
The restrictions on office work may have now eased, and employees are starting to be encouraged to return to working from the office, but remote working to some extent is now here to stay.
Most businesses have coped well with the new remote working environment. Many report that their employees have been just as productive, if not more productive, working from home. However, remote working is not without its challenges. Many businesses are concerned about how to ensure compliance with regulations with a remote workforce and how to ensure business and email continuity.
On Tuesday, September 22, 2020, TitanHQ is hosting a webinar to discuss some of the key challenges faced by businesses with a remote workforce and to introduce a solution to keep businesses moving forward when employees are working remotely and ensure business continuity.
During the webinar TitanHQ experts will discuss the following topics:
- The Current 2020 Technology Landscape
- Security & Compliance in a time of Global Remote Working
- Increase in Companies Relying Solely on Office 365
- Protecting Business Critical Data
- The Importance of Continuity in the Era of Remote Working
Attendees will also be given a live demo of TitanHQ’s cloud email archiving solution, ArcTitan.
Title: How to Ensure Business Continuity with Email Archiving for your Remote Workforce
Date: Tuesday, September 22, 2020
Time: London/Dublin: 5:00 pm (GMT +1) ¦ USA: 12:00 pm ET; 09:00 am PT
Hosts: James Clayton, ArcTitan Product Specialist ¦ Derek Higgins, Engineering Manager, TitanHQ
Despite the fact that there are some very straightforward way to uncover a phishing email that is sent to your network it still happens that workers are tricked into replying or clicking on links.
Phishing campaigns can be conducted cheaply, little skill is required, phishing can be very profitable, and the attacks often succeed. It is no surprise that more than two thirds of data breaches start with a phishing email, according to the Verizon Data Breach Investigations Report.
Spotting a Phishing Email
There is a strong possibility that a phishing email could land in your inbox in many different ways. Hackers change their tactics to try and fool staff members into handing over vital information or granting access to databases. You should use these steps, and advise your staff to do the same.
- Double Check who sent the Email: You need to make sure that the email you received didn’t come from a spoofed email. It might look like it came from a trusted company when there is actually one character changed so as to trick you. Place your mouse arrow on top of the display name and you will be able to see what the real URL is.
- Beware of Spelling Mistakes: Review closely for spelling mistakes If anything seems unusual then you should reconsider how you treat it. In some cases they are intentionally included so as to identify who is easily fooled. Later they will be sent another spam email to try and take advantage of them.
- Urgency is Typically Used by Phisher: ibn a phishing email t is likely that you will be implored to complete an action within a stated deadline before you become aware that the sender is not genuine. Urgency is one of the main tools employed by phishers to get people to hand over information. It is vital to take a few seconds extra to verify that the email is from some genuines and not a hacker.
- Beware of URLs: The aim of most phishing emails is to obtain access credentials or other valuable data. To do so they will try and get you to click on a URl that brings you to a website which hosts malware and can track all your online activity. In order to avoid this from happening take a few seconds longer to make sure that the website address is genuine.
- Thread Carefully with Email Attachments: Another way that phishers try to infiltrate your device it to include a file in an email that appear to be authentic. However, it will really be downloading tracking software to your device that will steal all sorts of information or lock access to your network until you pay a large ransom.
Business Anti-Phishing Solutions
There are many different option that you can choose and TitanHQ has created a couple of strong anti-phishing services to help secure your network. The spam detection rate reported by its SpamTitan service has reached a 99.97% level. This is done using a range of of checks such as RBL checks, Bayesian analysis, heuristics, machine learning methods to spot zero-day attacks, and sender policy frameworks to prevent email impersonation campaigns. Dual antivirus engines are deployed in order to spot malware and sandboxing is put to use in order to discover dangerous email attachments. Their other solution, WebTitan, is a DNS filtering solution that has the ability to prevent all web-based phishing attacks by blocking staff from viewing prohibited web pages and attempts to install malware.
All companies must be aware of the constant danger posed by phishers and hackers regardless of how big they are or how much profits they report. Phishing is when an email attack takes place using a lure to trick the recipient and a direction to to get the user to complete an action – such as downloading a file or visiting a link.
Phishing protection measures should be deployed to block both of these components. First, you need a solution that stops the phishing attack at source and prevents phishing emails from being delivered to inboxes. You should also have security measures in place to prevent information from being handed over to the attackers at the web stage of the attack. As an additional protection, in case both of those measures fail, you need to prevent stolen credentials from being used to gain access to the account.
Four Crucial Phishing Protection Security Tactics
In order for your company to successfully block phishing attacks you need to use four different modes of security:
- Web filtering: Hackers are always coming up with new tactics in order to try and trick people into handing over valuable information or allowing you to access databases. Spam filters (see below) can be implemented to prevent these attacks from being successful but you need to be conscious that some of the attacks will slip through the net almost every day. if you use a web filtering will refer to a range of blacklists to ensure that the websites your are trying to visit are safe and free from malware and phishing lures.
- Spam filtering: Your initial attempts to block these emails must be a spam filters as these can prevent 99.9% of spam, phishing, and malware-laced attacks via email. Using a range of different spam filters and blacklists of known hackers and origins of attack they can obstruct lots of different types of hacking attempts.
- Multi-factor authentication: in the unfortunate event of an attack taking place successfully and your access details being stolen then it is important that you have implemented multi-factor authentication to stop your databases being infiltrated using the stolen details.
- End user training: An often-neglected security measure is end user training for your staff. You need to educate them as to how they can spot phishing emails and hacking attempts. This should conducted on an ongoing basis a number of times during each year. In addition to this phishing simulations are a good idea to test you security measures and properly prepare your group for any possible cyber attack.
TitanHQ Phishing Security Solutions
TitanHQ has developed two powerful cybersecurity solutions to help you protect against phishing and malware attacks: SpamTitan email security and the WebTitan web filter. Both of these solutions have multiple deployment options and are easy to implement, configure, and use. The solutions are consistently rated highly by end users for the level of protection provided, ease of deployment, ease of use, and for the excellent customer support if you ever have any problems or questions.
Along with that, the cost is very up front and compares well with markets rivals. To learn more, call TitanHQ now or register for a free trial now.
Companies are always facing attacks from hackers using many different vector. Email is one of the main ways that they will target a company, typically using a lure email to get someone to download malware or visit a malicious URL that includes tacking cookies that will infiltrate your databases. Once a browser visits this site their information will be available to the hackers.
A recent attack took place on the SANS Institute, a leading information security training and certification group which specializes in anti-phishing guidance. However, in August 2020, the group made it public that one of its staff members had been taken in by a phishing attack and handed over their database access details. After stealing the details were stolen a new accounts was created and a mail forwarder was implemented to forward all emails to the hackers emails account. In total, 513 emails were forwarded that included some private data belonging to SANS account holders. Once the attack was discovers it was calculated that the private information of 28,000 SANS members was stolen. Now the attack is being used by the SANS Institute to show people that no group or company is safe.
Even the best trained individual can be taken in by lures and hackers are constantly changing their methods of attack. A new style of attack may be even more authentic looking than anything that has eern been seen previously so you always need to be on your guard.
In most cases you can block phishing attacks by uses a number of different security steps. The reason for using so many tactics is that one will work if another one doesn’t. As the success of phishing attacks are constantly improving using a security solution that works like this has never been more important.
Along with conducting normal end user training and phishing simulation emails to enhance your staff’s awareness of cyber attacks you will need to deploy an advanced spam filter. Office 365 comes with a low entry level of protection that comes with the software called Exchange Online Protection (EOP). However you will need to add a third-party solution like SpamTitan to prevent more threats from infiltrating your systems. EOP prevents spam, recognized malware and vast majority of phishing emails, but SpamTitan will greatly improve security against more complex phishing attacks and zero-day malware.
You should also think about using a web filter to prevent the web-based component of phishing emails from hitting your databases successfully. When a staff members tries to view a malicious web page that is used to steal details and other sensitive data, a web filter can stop that website from being viewed.
using a spam filter, web filter, and end user training, means you will be fully secured, but you should also use two-factor authentication. If details are illegally obtained, two-factor authentication can stop those credentials from being used by the hacker to obtain access to the account.
An active voice phishing (vishing) campaign is being used to attacked those workers, form many different industries, who are currently working remotely.
The campaign sees threat actors pretending to be a trusted entity and try to leverage social engineering tactics to persuade victims to share access to their corporate Virtual Private Network (VPN).
A joint advisory about the attacks has been released by the Federal Bureau of Investigation (FBI) and the DHS Cybersecurity and infrastructure Security Agency (CISA). This type of attack has grown in popularity in recent times to the the huge increase in remote working during the COVID-19 pandemic.
The attack begins with the hacking group buying and registering domains that are used to host phishing pages that pretend to be the targeted company’s internal VPN login page and SSL certificates are obtained for the domains to make them appear real. Many naming schemes are used for the domains to make them appear real, such as [company]-support, support-[company], and employee-[company]. The cybercriminals then harvest data about company employees.
The range of information collected includes names, addresses, personal phone numbers, job titles, and length of time at the company. That information is then used to gain the trust of the targeted staff member.
Employees are then contacted from a voice-over-IP (VOIP) number. Initially the VOIP number was not revealed, but later in the campaign the hackers began spoofing the number to make it appear that the call was coming from a company office or another staff member in the firm. Employees are then told they will be sent a link that they need to click to login to a new VPN system. They are also told that they will need to answer any 2-factor authentication and one-time password communications shared to their phone.
The attackers capture the login information as it is entered into their fake website and use it to login to the proper VPN page of the company. They then capture and use the 2FA code or one-time password when the employee responds to the SMS message.
The hackers have also used SIM-swap to bypass the 2FA/OTP step, using information gathered about the employee to persuade their mobile telephone provider to port their phone number to the attacker’s SIM. This ensures any 2FA code is sent directly to the hacker. The threat actors use the details to access the company network to steal sensitive data to use in other attacks. The FBI/CISA say the end goal is to make profit from the VPN access.
The FBI/CISA recommend groups limit VPN connections to managed devices using mechanisms such as hardware checks or downloaded certificates, to restrict the hours that VPNs can be used to access the corporate network, to use domain monitoring tools to manage web applications for unauthorized access and anomalous activities.
A formal authentication procedure should also be created for employee-to-employee communications over the public telephone network where a second factor is required to authenticate the phone call before the disclosure of any sensitive data
Data should also monitor authorized user access and usage to spot anomalous activities and employees should be notified about the scam and instructed to report any suspicious calls to their security department.
While it is widely recognized that there are many different business advantages to be gained by configuring an email archive in order to assist your organization achieving 100% compliance, there are a multitude of benefits to be gained for your individual departmentals.
When you install an email archive you will have an instant record of everything that happens on your email server, where it is located. Email retention is guaranteed and in place for compliance reasons should an audit be required to take place. Additionally, disaster recovery is much easier is the event of a physical disaster or a ransomware attacked resulting in the content of your email server being inaccessible. However, there are numerous other advantages to be gained by configuring an email archive including:
1. IT Staff Email Archiving Benefits
Your IT department will be very happy with the configuration of an email archive as it will mean that they have instant access to old mails as soon as they are required. This will make it much easier to process all staff requests for email recovery. You can also set some email archives to allow staff members their own access to their email archives. In the same manner human resource investigations become much more straightforward. The strain on servers is lower as there is not need to hold archives locally in PST files or on the mail server. This eliminates a huge security risk. Productivity is increased as less times will need to be spent on maintenance and performance of the network should be smoother with less pressure on bandwidth.
2. HR & Legal Departments Email Archiving Advantages
As stated previously HR investigations are easier to conduct suing an email archive. This investigations can be completed much quicker as IT staff can provide the necessary information in much less time. This will result in the outcomes of HR investigations being known much sooner. EDiscovery requests can also be completed much quicker and can be processed in a matter of hours rather than days. From a legal standpoints there is an immutable record of emails, which is crucial for all legal actions. Due to this the legal staff can be certain that no email have accidentally gone missing and can find everything using an audit trail.
3. Staff Advantages
Adobe have produced research that revealed staff dedicated massive amounts of time to managing email during 2019. found that employees spend a huge amount of their time on email, on average 5 hours on a daily basis. This is a massive productivity drain. With an email archive nothing will be misplace so there will be no time spent searching for missing emails.
There is a 30-day free trial of ArcTitan emailing solution will which allow you to ascertain how this solution will assist your organization. If you are considering a change from your existing email archive provider than call the TitanHQ team now so we can go through the full range of advantages to be gained when you configure our solution.