EMAILS – THE CYBER ENEMY OF BUSINESS
Email-based cyber attacks continue to be the number one threat to business in Australia with
phishing or spoofing emails the most popular attack weapon.
Phishing is a cyber attack that uses disguised emails. The aim is to trick the email recipient into
believing that the message is something they want or need — for instance a parcel delivery notice, a
request from their bank, a note from someone in the company — which comes with a link to open or
an attachment to download.
Research has shown that a phishing campaign of just 10 emails normally results in a 90% chance of
at least one email recipient being caught out.
As phishing attacks become more sophisticated, it’s critical for everyone in any business to be on
guard about their email behaviour.
There are some email habits which can which can help lower the risk to your business.
Cyber criminals often try to hide suspicious URLs by linking them in harmless text such as “Click on
this to RSVP!” or “download this attachment.”
Users need to break the bad habit of immediately clicking on to hyperlinked text. Instead, hover over
hyperlinks to determine if the URL looks legitimate.
When you’re looking at the URL, look carefully for any subtle misspellings in the domain name.
Scammers will use slightly misspelled variations of well-known sites to trick you into simply
skimming the URL and clicking. Always make sure to check the entire domain name, not just the
When the victim clicks on the attachment, the file downloads the malware. Employees should be
made aware of the importance of scrutinising sender information in any email they receive that’s
even slightly out of the ordinary.
Even if an email appears to come from a familiar source, if there’s something that seems odd (poor
spelling or grammar, the nature of the request, or different email signatures), encourage your
employees to double-check with the sender face-to-face, or over the phone to confirm the email is
Protect Confidential Files
Phishing scams that are looking to obtain confidential corporate information, such as client or
employee records have become popular in recent years. These attacks typically take the form of an
email impersonating an executive-level employee, or another professional contact asking for some
sensitive information to be emailed to them.
To combat this, encourage your business or organisation to consider using file-sharing tools such as
Dropbox, SharePoint or other document management systems that can help eliminate the need to
attach sensitive information to emails.
Educating your employees is key. Promote cyber awareness training and encourage your employees
to be more vigilant for potential attacks. Remind them that anyone can be the target of a phishing
email. This is important, because the majority of phishing emails are sent out in campaigns. If one
employee has received a phishing attempt, it’s possible that others in the organisation have also
Provide Adequate Protection
Having adequate IT security to remove rogue emails before they become a risk to your business is
the best option.
THINK Technology Australia can provide email security solutions, which integrate with email hosting
providers like Microsoft Office 365. Email traffic is scanned at the gateway to stop threats before
they gain access to your servers. Safer web browsing is enabled by preventing the download and
execution of malicious codes.
For more information on how we can help protect your business from cyber attacks call us on 1300920 866.