Cyber Security Month: 4 Email Best Practices

Halloween’s just around the corner, but all month long the government is hoping to shift the focus away from ghosts, ghouls and other things that go bump in the night and onto a more real-world menace: the kind lurking behind a keyboard.

Hackers. Scammers. Phishers. Call them whatever you want, every October the US Department of Homeland Security, in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center, sponsors National Cyber Security Awareness Month to combat these digital criminals. This year marks the 11^th anniversary of the event. 

Of course for IT leaders, digital security is a year-round concern. For folks outside the field though, it can be a risky afterthought. The government is hoping to change that and not only get everyone thinking about cyber security, but to help people develop skills and knowledge needed to stay safe online all year long.  

Keeping email safe from cyber crooks

In honor of National Cyber Security Awareness Month, we’ll be running a series of blogs featuring digital security tips. You can use these posts as a good way to kick start a conversation with end users about security basics and best practices.

The first entry in our series will focus on something many employees couldn’t imagine doing business without: email. Here are four keys to staying safe while using email:

1. Be suspicious if it wasn’t requested. Phishers love taking advantage of unsuspecting staffers by sending them an email with a link or an attachment that promises one thing, but in reality is a con designed to steal information. Encourage employees to be wary of emails from outside parties that contain links or attachments which they didn’t request. If they’re not sure, instruct them not to open anything, but instead to forward it over to IT where your pros can take a look and assess the threat. 
2. Don’t interact with it. That little “Unsubscribe” button at the bottom of an email may look like a tempting way to get off of some spammer’s list, but it could end up causing more problems. If the emails aren’t from a legitimate source, there’s a good chance clicking on that link could lead to more spam or worse: viruses or malware. If the source of a message isn’t clear or doesn’t seem 100% trustworthy, it’s best to let it go right to spam and just delete any or try to block follow ups as they come in.
3. Make sure it fits. Say a long-term customer prefers to handle billing through regular mail or a customer portal but then all of a sudden he or she is asking to do so through email. That could be an honest change or it could be a sign the person’s account was hacked. If an email doesn’t ring true to the usual interactions an employee has with someone, he or she should contact the other person outside of that email thread just to make sure everything is on the up and up.
4. Watch the fine print. Even though an email looks legit there’s always the possibility that it was just designed to look that way. Employees should look for little telltale signs that something is amiss, such as an email address that ends in .net when they’d expect to see .com. Even a few additional hyphens or a slight misspelling might be enough to trick some folks.

Check back here for more National Cyber Security Awareness Month tips. To learn about the ways that a partnership with Arraya Solutions can help your company protect its mission critical data, visit www.ArrayaSolutions.com.