Most of us have a faint recollection of our old times when we heard of the term cyber-security. Now, it is something that we all hear often and worry even more about it. The statistics for cyber-crimes are extremely concerning and will only continue to take a toll on our mental health. Cyber criminals have evolved with time and smarten up in their approach to attack bigger targets. The medium for these attacks has sometimes been a phone call, an SMS, a removable device like USB and the most infamous of all is, an email.
Why Email?
Most of the organizations use email services for official purposes. From a simple ’thank you’ to a ‘here is the invoice’; all such conversations take place over email. At present, the number of email users are 2.6 billion which is estimated to reach 2.9 billion by the end of 2019. It has been predicted that by 2022, this number will reach 4.2 billion. Cyber attacks like Phishing and Ransomware are deployed via emails. There is no wonder why attackers use email as a medium of attack.
How bad is the situation?
One of the earliest email frauds occurred in the year 2003 when attackers sent phishing emails to the customers of PayPal, asking them to upgrade their credit card number and personal information.
The first ever email attack was reported by ‘The Banker’ in the year 2003 and till date YAHOO has been the target of the largest email attack in the year 2014. This attack has highly compromised the users of YAHOO by stealing an estimated 3 billion users account(as per Quartz)and sensitive information like name, date of birth, telephone numbers as well as passwords.
Attacks have become so sophisticated in nature that one of the most secured networks belonging to the Australian parliament bore its brunt.
Why should it concern us?
The four-character long word ‘Data’ weighs a lot. It is so valuable that cyber experts around the world are continuously working in order to ensure its security. Ethical and malicious hackers have been playing the game of ‘good cop- bad cop’ for the sake of data security.
The reason behind protecting data is simple. Data can be a person’s name, birth date, age or; it can be a person’s social security number, card details or bank account details. One can imagine the severe consequences if this data falls into wrong hands. Once the attacker hacks into your system, he can misuse the data available for any purpose. Attacker can corrupt, steal, delete, encrypt it for extorting money (ransomware attack) or worse; he can sell your information to people who may not be so friendly.
How can an organization safeguard themselves?
There is no denying the fact that social engineering attacks related to email will continue to grow and take a steep increase in the graph in the years to come. However, there are still a few ways to shield your employees against such attacks:
1. Conduct training and awareness program for your employees.
2. Encrypt all the sensitive information related to business.
3. A security policy should be formulated against password expiration.
Humans are erroneous beings that can make mistakes. It is known fact that 90% of the attacks are caused due to employee negligence. Therefore, it is the need of the hour to take stringent measures to ensure the secure transfer of data between emails.
