3 Email Threats You Need to Be Aware Of

As an email administrator you know that the responsibilities of your job extend far past creating user accounts for your co-workers.

In fact, it is the behind the scenes responsibilities that consume a majority of your time when it comes to email. Unfortunately on of the biggest behind the scenes concern for many email administrators is security.

Security has taken on an entirely different role since the inception of laws and regulations that govern not only how well we protect the confidentiality of email and its contents, but also the integrity of those messages in how they are stored and retrieved when needed.

To the bad guys, email systems provide an open door the many organizations overlook when it comes to security because they are simply not aware of the threats that their mail systems face. That is about to change for you.  We are going to look at three different threats that can make an email administrator’s life miserable.

Spam and other unwanted emails

When we think of email threats spam is always the first thing that comes to mind because it has been so prevalent for so long.

Despite so many people reporting that spam levels are down, IT professionals continue to state that spam is one of their biggest concerns. In addition to the concerns surrounding spam are the issues that many mail administrators and security professionals face in the threat of phishing and spear phishing.

The reason illicit email messages like these remain a problem is because they cost organizations in big ways. Spam wastes resources. It costs money to store spam on our servers, it costs money when people open, read and delete it and it costs money to fight it. Phishing, that costs money when people fall for it. One successful phishing attack can compromise customer data, user logins or even proprietary information.

Malware

Malware has always relied on email to spread. Since the earliest days of email messaging, malware has been a concern.

Nowadays, malware is often spread via spam and phishing attacks because people continue to ignore warnings and click on malicious links or download malicious files.

Despite the ongoing threat that email borne malware presents, most organizations do not put the appropriate security solutions in place to protect their users from it. They may scan their email servers for malware and use a content filter to stop spam but when it comes to scanning incoming messages for known malware and zero-day threats they continue to come up short.

Disasters

Something that many small businesses forget when it comes to email is a solid backup process. They forget, that is, until it is too late.

With so many laws and regulations governing how emails are stored and “discovered” on demand, not having a solution in place that protects emails in the event that a natural or manmade catastrophe occurs can put an organization out of compliance. We all know that being out of compliance can result in fines and legal fees, but it can also cost big time when it comes to protecting an organization’s brand and reputation.

Of course backing up your users emails is only half of the solution. You need to be able to recover these backups should the worst case scenario arise. Testing this process is something that needs to be a part of your overall security solution so you can be sure that should you need to recover your emails, the system will work.

Security is an ever-changing field. Being tasked with the responsibility to keep your users email safe, secure and reliable takes quite a bit of time because the threat landscape is so wide and new attack methods are found every day.

In order to best protect your users and email it pays to have a solid foundation in your security knowledge and to have a solution in place that protects against both known and unknown threats. Of course any solution that your organization puts into place also needs to be something that you and your staff can effectively configure and manage or it will provide nothing more than  a false sense of security.

 

Written by Jeff Orloff

5 Comments

  1. Jason Rogers · October 31, 2012

    Outgoing spam is also a threat because if you get blacklisted, this causes huge problems. You need to watch what your users send, otherwise you will be the one to deal with the mess later. Outgoing spam is frequently forgotten but it is a serious problem for an email admin.

  2. Terry White · November 1, 2012

    I have to agree with the last one. A lot of people are actually too concerned about the first two they completely ignore the last point. I can definitely attest in the importance of having an e-mail backup. When my account was hacked, I had no choice but to let go of it and start a new one. I had to deactivate my account. In the process, however, I realized I didn’t have any backup! It’s not a good idea really when you’re maintaining a couple of clients. It’s just a good thing they are all understanding of my situation.

  3. Achilles Perez · November 2, 2012

    Perhaps we also need to identify phishing. That’s one of the biggest and growing threats in the world of cyberspace today, and yes it deserves its own category. I think I need to share a story about two of my friends who have fallen victim to it a couple of weeks back. An acquaintance they’ve met while traveling to Peru had asked for their e-mail address. Because the meeting was cordial, they became quite open to do it. A week later, they received an e-mail from the same person, encouraging them to sign up to a well-known travel community. Well, it turned out to be a phishing website, and before they know it, they’ve been spending spam to all their contacts, like mine.

  4. Nadia Joy · November 5, 2012

    The last one definitely gives me a different perspective. This article is actually right. I think most of those who drop by here are so obsessed with spam and other well-known threats that we often forget our very own good mails are susceptible to problems too, especially if we don’t have any backup with them. This leaves me wondering, however. What type of software should I use? Any recommendations out there? Is it possible to store Gmail e-mails to desktop? Sorry, I’m not too techie, so any kind of help from the other readers will surely be appreciated.

  5. Patrick · November 7, 2012

    I need to be more aware of attachments. I remember once I received a supposed Powerpoint presentation from a startup company. I guess I was so naïve back then. I’m talking about like 5 years ago. Well, anyway, I decided to download it. When I opened the file, I could not really describe what had happened except that my screen turned blue. Yes, it’s the blue screen of death. I tried to restart the PC, but it wouldn’t budge anymore. I had a specialist come over and take a look at it. Still, he couldn’t have it fixed. In the end, I had no choice but to let go of all my files and start anew. That basically cost me $300.

Leave A Reply