Phishing emails make it through our spam filter, and it would probably get through yours. Unfortunately, there is only so much you can do technologically to block spam, phishing and spear phishing emails.
Here are a few ways that you can protect your team from these threats:
• Use an email filtering service that relies on multiple methods to scan your email.
• Set up a rule on your mail server to indicate when emails are coming from an external sender. This provides a hint to the recipients that something may be phishy.
• Install an antivirus on your mail server and on your computer. Embedded scripts and attachments can be nasty, so this practice is a must.
These steps will flag bad emails and overall, reduce the number of messages coming in…but that doesn’t mean that your organization is safe. Your staff needs to be aware of these threats and always vigilant to stop and assess before responding or opening attachments.
Take the above email as an example. Dave, our Podfather, most likely wouldn’t be sending a request for help from a virginmedia.com email address, nor would he have a random string of characters as his address. Formatting and syntax are also a bit off, and we all know that Dave doesn’t have an iPad. Also, why is this ‘Dave’ sending from an external source to begin with when we have internal mail and Microsoft Teams. Anyone who receives an email like this example should be looking at these factors and hopefully, your internal ‘fake-o-meter’ is going quickly into the red.
So, we know that the email is bad, what next? Report it to your email filter! Smart Dolphins clients can send bad examples to firstname.lastname@example.org (we can also setup a button that sends the message and then deletes it with just one click!). Other services will usually have a spam/report spam or example email address to submit messages that get through the cracks. This will help the providers build better filters to help fill these cracks in the future. If you don’t have a managed email filter, delete the message, don’t just ignore it. If the sender keeps coming back setup a block rule in your email.