We’re sure you have been all following the Sony email hack story, which resulted in the exposure of months of confidential employee emails. As the ramifications of this still continue to be felt across the entertainment industry, it has highlighted the very real threat that ALL companies face from anonymous hackers. One powerful method that hackers use in order to get access to confidential company files is to send fake emails with malicious links to employee inboxes.
Archive all emails early and often
Use either your corporate email system or dedicated software to set up regularly scheduled archiving so that emails are moved off the server after a certain number of days. This limits the access that hackers have over important emails. Archived emails will still be accessible via your workstation, but they will no longer be easily accessible on websites outside the office.
Improve organizational skills
When an email comes in, deal with it! Sort all emails into folders, which segments your data. This will require a hacker to know which folder to go to and when used with email archiving, it makes it that much more difficult for information to become compromised. If information is very sensitive, it can be removed from your inbox by deleting the email and saving what is needed to another location such as an external drive.
Separate work and personal emails
Do not use your work email address for personal reasons and vice versa. This then limits the details a hacker can glean about you to conduct more sophisticated cyber attacks. For example, a hacker could learn about your online shopping habits and use them to send a phishing email that appears to come from a website you have bought products from recently. This phishing message will have links that route you to a fake address where the hacker can then gain access to your corporate system. See how something that seems very minor can result in something much more dangerous?
Never click on unknown links or attachments
If you receive an email with a link or attachment that you are not expecting, hover the cursor over the hyperlink or right-click to show the link’s final destination. If you have any doubts, delete the email or pass it on to your IT department for further investigation. By reacting quickly, you can prevent someone else at your company from making a mistake. A common example is an email from a financial institution like a bank. Always remember that these companies will never ask you to confirm your contact details over email, so this is a sure sign of a phishing scam.