IT Support &
Business Software

Glossary of Email Threats

Share

As 91% of all cyber-attacks start through email, we’ve put together a list of the most common email threats that businesses should be aware of:

Spam

Unsolicited junk mail that is sent to a mass distribution as a form of commercial advertising. This is often for dubious products and get-rich-quick schemes. Fortunately, this is nowadays generally well defended against.

Phishing

An email which falsely claims to be from a legitimate enterprise to obtain sensitive information. For example, usernames, passwords or financial information. This is often used for malicious purposes. From a business perspective, phishing has largely been overtaken by more targeted spear-phishing.

Spear-phishing

For businesses, spear-phishing represents the most pressing danger due to its highly targeted and sophisticated nature. Spear-phishing attacks target specific individuals within a target organisation. They often refer to targets by their names and positions, using clever social engineering tactics. Consequently, recipients are convinced to download malicious attachments or click on links to malware-laden or credential stealing websites.

Viruses

Code sent via an email attachment which if activated, can destroy files on your computer. It can also potentially resend the attachment to everyone in your address book. Fortunately, these are a diminishing threat for businesses thanks to anti-virus software. They do however still target home computers.

Malware

Short for malicious software, this generic term relates to software designed to cause damage to your computer or steal information. It includes viruses, spyware and ransomware.

Ransomware

A type of malware that prevents or limits users from using their systems until a ransom is paid. More modern crypto-ransomware, such as Cryptolocker, encrypts files on infected systems. It subsequently forces users to make an online ransom payment to get a decryption key.

Whaling

Derived from a big “phish” analogy, and also known as impersonation attacks, these targeted attacks are particularly threatening. Cyber-criminals use social media sites, such as LinkedIn, to gather information and disguise themselves as the CEO, CFO or other senior executive. They then target a lower-level member of the organisation, often a controller or someone in HR, and convince them to initiate a wire or data transfer. A key part of the scam is to make the target react to the perceived power of the impersonated executive.

 

In conclusion, email threats are becoming increasingly sophisticated. Moreover, the cost of these data breaches is increasing. Improving the security of your systems has therefore never been more important.

For more information, read our recent post; How secure is your email?


Testimonials

Josie Sullivan Leroy Reid & Co

Very helpful in supplying the system required with very little down time. Personable and professional in guiding us along the right path. Nothing is too much for them.

David Halloway Southern Testing

Support with a sense of fun!

Carmel Clarke Kingswood Controls

Professional and extremely helpful. PCR will go above and beyond to resolve any IT problems that you may have.

Max Somper Metamark

PCR are very much on the same page as ourselves. They're very flexible, pragmatic about response, efficient, and they've always been the best choice for us as a business.

Keith Faulkner Brainwaves Books

Over the years, I've seen PCR grow and develop, but their attitude and customer service has never altered. The quality of their service remains constant.

Alex Arscott Richard Russell Panels

A good honest company we've dealt with since the year dot.

Contact us now