July 12, 2022
Email phishing is still a threat to businesses
Cyber security should be a core pillar of any company’s IT strategy. The number of cyber attacks has sharply risen since 2020, so enterprises need modern IT security solutions that include various threat detection, mitigation and reporting services. These should be able to protect a business from advanced cyber attacks, such as distributed denial of service (DDoS) attacks, and simple scams, like email phishing.
Believe it or not, email phishing is one of the oldest and most basic threats, yet it is still prevalent today. Hackers or scammers will send a fake email that looks like it has come from a legitimate source - either the business itself or a customer - to an employee. The employee will open the email and click on a link, which then launches the phishing software.
SEACOM Business offers various cyber security solutions to companies in East Africa. These include full-service hosted security and DDoS Protect. We have partnered with leading IT security providers to ensure safe end-to-end security services for enterprises. These solutions can help to detect and mitigate various cyber threats, including email phishing attempts.
Email phishing can lead to bigger problems
These types of threats are very easy to create and have a fairly high success rate, despite many people being aware of them. A compromised business email can lead to a large-scale data breach, a costly ransomware attack or a loss of the personal information of customers and employees. While an email compromise might not be too significant, the post-compromise effects can be massively damaging for a company.
This is why email remains one of the most effective routes for scammers and cyber criminals that target large companies. Around 91% of cyber attacks are the result of email phishing. In addition, these attackers have become smarter and more effective with their phishing strategies; they can now launch a sophisticated attack by targeting just one employee.
As more employees have started working remotely, not just in Africa but across the world, scammers are finding it easier to target people through their personal devices. These laptops, smartphones and home computers often do not have advanced cyber security software, yet they are still linked to business servers and data centres.
New email security solutions are always being developed
As cyber security software is developed and updated, it becomes more effective at stopping attacks. However, like a vicious cycle, as the security software becomes better at its job, so too do the threats created by criminals. The sheer sophistication of modern phishing attacks is proof that cyber security solutions have been working over time.
This is why new security solutions are always being developed. Legacy software may be effective at stopping the most basic phishing attempts, but modern IT security solutions are needed to prevent new threats and advanced impersonation techniques. This is why companies need a range of security services to ensure complete, end-to-end protection against a growing array of threats.
How companies can improve email security
The first solution is to choose a reputable IT security provider that can meet your requirements. Do some research and find a local company that offers multiple cyber security services from renowned international vendors. Your preferred security provider should also offer round-the-clock support and consultations.
Next, your company needs to update its security policies and response plans. These will allow the business to respond immediately and effectively to any cyber attack, which will minimise the damage done. Perform drills and simulated attacks to see if the software and IT staff respond appropriately.
This leads to the next solution; employee training. Make sure that every staff member is properly trained in identifying potential threats. Teach them how to spot a phishing attempt or possible scam. Employee training is an important part of any defence strategy, so spend some time and money on these tasks.
Exploited passwords, security credentials and email addresses are a major cause of data breaches. If an employee clicks on a link in a phishing email, their passwords and information can be intercepted. This is how hackers gain access to company servers and data centres.
This is why companies need to adopt a zero-trust security policy, whereby IT systems do not trust any users, despite coming from within the company. A zero-trust security policy requires two-factor authentication in order to let employees into the servers. This makes it more difficult for hackers to gain access without having the actual company laptop or device in hand.
SEACOM Business is on-hand to support large companies in Kenya and Uganda with their cyber security needs. For more information or to get a quote for our various cyber security services, email us at marketing@seacom.com or leave us a message.
SEACOM owns Africa’s largest network of information and communications technology (ICT) infrastructure, including fibre optic networks and subsea cables. We offer a wide range of industry-leading scalable ICT solutions for large companies that operate throughout the region.
SEACOM is privately owned - making it adaptable to the needs of the client. We are the preferred ICT and internet connectivity supplier for African enterprises. We can guarantee fast, reliable and secure internet and networking services at affordable prices.
For more information on these solutions, follow us on LinkedIn, Facebook or Twitter. Keep an eye on our news section for industry news and announcements on African ICT, internet connectivity, cloud services and security solutions.