Email Threat Protection Webinar Q&A
Email Threat Protection Webinar Q&A:
We ran out of time during the 19th of August’s webinar on Email Protection to answer all the questions. Below we give a bit of attention to areas the attendees sought more coverage:
1) With the pandemic, we hear that the activity of cyber criminals has increased. Is this true?
The pandemic has led to an increase of 667% in malware attacks. (Michael Posey – AppRiver)
Now, the attacks are quite specific. There are not as generic as before. Cyber criminals exploit exactly the booking engines and try to send direct emails to people that could provide their passwords. (Noe Conceição – JJW Hotels & Resorts)
No increase in threats just yet because they have always been there. User awareness training is very important. If something slips through the crack, it all comes down to awareness. (Dominic de Boer – Lore Group)
2) We use SPF and DKIM, but we don’t use DMARC. Which are the risks for my company?
DMARC helps to specify certain actions such as who to notify, where to notify. It is more secure. SPF is quite an old technology framework. DKIM is built on top of SPF. Organizations should apply DMARC especially when using Office365. (Michael Posey – AppRiver)
3) Covid-19 has forced IT professionals to quickly empower a workforce working remotely, many times using their own devices. From a cybersecurity perspective what were your greatest challenges?
Not that much has changed because people used to travel around different properties, so they were very well prepared. Overall, Lore had the tools in place. (Dominic de Boer – Lore Group)
The pandemic has caused a huge increase in remote work. A tool that allows people to use their own devices remotely but through a specific connection was created. (Noe Conceição – JJW Hotels & Resorts)
4) Not related to BEC, but POS attacks have decreased compared with previous years. In our opinion why is this happening?
According to the Verizon Data Breach Investigations Report 2020, “this may be (and probably is) indicative of the trend of adversaries to more quickly monetize their access in organizations by deploying ransomware rather than pivoting through the environment and spreading malware—a more time-costly endeavor.” As often mentioned before, cybercriminals seek maximum payload for minimal effort; BEC attacks are preferred by the bad guys because they can make money without working very hard. (Daniel Johnson – VENZA)
5) What kind of specific information are attackers trying to obtain? Can you also give types of emails for people to be aware of not to open?
Bad actors will try to obtain any information they can get. Some people might not find information valuable but bad actors may. Perhaps a customer communication, maybe it is a password, a credit card number. Something that can be used to their advantage. They are very specific in what they look for. If they cannot find anything valuable, they will start sending messages around. (Michael Posey – AppRiver)
6) Does anyone have thoughts on G-suite email safety in comparison to the other email-specific email providers (Exchange, etc.)
Marco Correia (T-Hotels) acknowledges that he uses it. He indicates: “The basic principles are there. If you want to have an enterprise-grade security for your email, you need to have something to prevent attackers to reaching your inbox. This is as valid for Microsoft365 as for Google Suite. In a nutshell, they are the same.”