Always Think Before You Click
We have recently noticed an uptick in malicious e-mails received by our clients. Please exercise caution when clicking on links or opening attachments, even if it appears to be coming from a trusted source. Avoid sending sensitive information over e-mail, it is always possible the recipient’s email address is compromised. Malicious actors are trying to take control of your systems and take money from you and your company.
If you see anything suspicious, do not hesitate to mark it as so, or to reach out to us at support@insemail.com so we can investigate. If you have accidentally clicked on something that might be malicious, please let us know. We will investigate any potential breaches and work to secure your company’s information as soon as possible.
Some things to look for:
Sender Address: Phishers will commonly use email addresses that look like a trusted or legitimate one in their attacks. Always check the sender’s address for errors, but remember that an attacker may have compromised the real account and is using it for their attack.
Tone and Grammar: Often, a phishing email won’t sound right and will include spelling and grammar issues. If an email seems off-brand for the sender, it’s probably malicious.
Mismatched Links: You can check the target of a link in an email on a computer by hovering over it with your mouse. If the link doesn’t go where it should, the email is likely to be malicious.
Odd Attachment Types: Phishing emails are frequently used to spread malware. If you receive an “invoice” that is a ZIP file, an HTML file, an executable, or something else unusual, then it’s probably malware.
The Push: Phishing emails are designed to get the victim to do something. If an email elicits a sense of urgency or pushes a particular action, then it may be malicious.
There are also a number of tools we can use to mitigate the inflow and effects of malicious emails, described below:
KnowBe4
KnowBe4 provides education and instruction for you and your employees, teaching them how to recognize malicious messages and respond appropriately.
Microsoft Defender for Office 365
If your email is hosted by Microsoft using Office 365 / Exchange Online, consider upgrading to higher-end filtering services, which more aggressively filter dangerous mail. This can be added onto existing licenses or can be one part of an upgrade to higher-end Office licenses and features.
DropSuite
We recommend using Dropsuite to backup your Office 365 data, including e-mail as well as documents hosted on OneDrive and SharePoint. Backing up this data eliminates any concern of your data being lost as part of a hack or other disaster.
Reach out to us for further details and for analysis of your situation, so we can help protect your company from online threats.