Cyber-attacks are becoming more and more common, and according to a recent report[1], 82% of organisations have faced an attempted email-based security threat in the past year.

Today, businesses of all sizes and across all sectors are at risk. Not least because of the combination of financial and personal data that they hold. And, when it comes to threats, email phishing is one of the most significant and most dangerous.

What is email phishing?

Hackers using phishing emails to trick people into handing over sensitive information. Typical phishing scams include where fraudsters pose as a bank, a lawyer, or someone else you trust. And in doing so, they trick you into sending them data or clicking on a malicious URL or attachment.

But it’s not just incoming phishing emails you have to worry about. Scammers could also hijack your domain to create and send fraudulent emails that look like they are from your organisation. And this can seriously compromise your reputation.

But, despite the risk, many businesses still don’t have a robust email security policy in place. So, what can you do to make sure your organisation is protected against email scams?

Educate your employees

One of the most important things you can do to stop fraudsters in their tracks is to make sure that your employees:

  • Are trained on how to recognise phishing emails and other threats
  • Know that they should never click on any suspicious links, or download anything they are unsure about
  • Know what to do if they receive a suspicious email (who to report it to)
  • Understand the implications of a security breach
  • Receive ongoing data protection training.

Put robust policies and processes in place

In addition to training, you should also create an acceptable use policy (AUP). This helps to ensure that all your employees understand what is and isn’t acceptable when it comes to using digital technology such as email.

However, with human error one of the leading causes of data breaches, this must go further than just providing guidance on how to spot cybercriminals. Your AUP should also have clear advice on things like checking to make sure you always enter the correct email addresses, and using the BCC function when sending bulk emails.  You should also create a password policy to help keep your business safe.

Furthermore, in addition to creating security policies and processes, you should also provide training to make sure everyone across your business understands these measures.

Make technology work for you

While a vigilant workforce is a powerful tool when it comes to defending against cybercrime, it isn’t always enough. Scammers are becoming smarter than ever, so, in addition to training your staff to recognise threats, you should also use technology to stop attacks in their tracks.

For example, DMARC technology actively blocks phishing attacks and prevents third-parties from impersonating your email domain. Also, Phishing as a Service lets you test how susceptible your people are.

Today, the IT infrastructure of any size of business can be complicated. There are a plethora of devices, apps and data that all need careful management if you want to mitigate risk. But, at the same time, you need an IT setup that works. At Cloud Geeni, our cloud services consistently achieve the highest level of data protection and reliability, maximising security and eliminating downtime. Contact us today to find out more about how we can help you.


[1] Barracuda Networks 2019 Email Security Threat Report