Protect Your Email Domain Against Phishing
After completing this unit, you’ll be able to:
- Explain the importance of protecting email against phishing.
- Describe the security principles that mitigate the risk of email abuse.
Protect the Most Common Point of Entry
Email is one of the most valuable and widely used means of communication. The underlying technology called Simple Mail Transfer Protocol (SMTP), which refers to the communication standard used to send emails, was designed almost 40 years ago and is susceptible to a wide range of attacks. Attackers use email as the most common point of entry to an organization, with the median company receiving over 90% of their detected malware via this channel, according to the 2019 Verizon Data Breach Investigations Report.
Attackers typically use phishing emails to deliver malware to unsuspecting victims. Targeted phishing campaigns often spoof the originator email address to impersonate a trusted organization. This lures the recipient into giving away credentials or infecting their computer by executing malware. The attacker uses the spoofed email address as bait, just like a fisherman uses a lure to hook an unsuspecting fish.
To help users recognize this threat, organizations use training exercises to increase awareness of phishing. Leaders may even use simulated phishing emails to help ensure users remain vigilant against this threat. Raising user awareness about how to avoid phishing is necessary, but insufficient alone—more needs to be done.
Mitigate the Risk of Email Abuse
In addition to training users to recognize phishing emails, and teaching them how to respond if they do receive one, leaders can also mitigate the risk of email abuse by implementing the following measures.
- Stay informed of phishing techniques as new phishing scams are developed.
- Implement an email filter to identify and quarantine spam emails, scan hyperlinks and attachments for malicious content, and implement specific filtering rules.
- Deploy up-to-date anti-malware software on all endpoint devices.
- Adhere to strong cyber-hygiene practices, to mitigate the risk of successful compromise.
- Implement the free-of-charge domain-based message authentication, reporting, and conformance (DMARC) standard that helps email senders and receivers work together to better secure emails. It is a policy that allows a sender to indicate that their messages are protected, and tells the receiver to either send or drop the message if one of the authentication methods passes or fails. Implementing DMARC prevents phishing emails from reaching users, reduces the risk of phishing emails misusing your organization’s domain to spoof recipients, and helps organizations stay informed of new phishing email campaigns.
Sum It Up
In this module, you were introduced to the WEF’s 10 tenets for cybersecurity leaders. You explored in-depth the first five tenets, learning how you can position cybersecurity as a business enabler in your organization, and you learned about the importance of fostering partnerships. You also learned about fundamental security practices to protect your organization and discovered the importance of strong authentication and a robust anti-phishing program. Now you're ready to earn the next badge in the Get Started with Application Security trail. The next module, Cybersecurity Threat Prevention and Response, will cover the final five tenets learning how to secure your supply chain, respond to cyber threats, manage crises, recover from disasters, and create a culture of cybersecurity.
Interested in exploring more cybersecurity-related information? Check out the Cybersecurity Learning Hub on Trailhead.