Call us today:

408-550-7288

5595 Winfield Blvd, Suite 110
San Jose, CA 95123

The Importance of Protecting Your Business from Email Based Phishing Attacks

The rapid switch to working from home is not without its unforeseen drawbacks. Workers are now using email services on "untrusted" devices and networks, and sending an increased amount of sensitive data through them. Remote workers may be turning to email to communicate confidential data instead of the secure methods generally available when in the office.

The best way to avoid personal liability and unnecessary business litigation is to ensure that your business's activities are protected. Nick Heimlich Law knows how to help clients ensure they are protected from personal liability. Learn more about our business litigation services here.

Being popular is not always a good thing. Email services are also one of the most common attack vectors used by cybercriminals looking to get access to valuable internal company data and resources or to deceive a company and its employees out of money. There are various types of attacks that can be employed, and nearly as many ways to prevent them. This post focuses on a specific kind of attack called phishing. Phishing is an effective attack method often carried out via email services, mainly due to the COVID-19 crisis. 

What is Phishing?

There are various sub-types of phishing attacks, but they all rely on a practice called social engineering. Social engineering is used to deceive a person into doing things that advance the attacker's interests. For instance, an attacker may create an email disguised to look like an email from a different service. The email contains an action item for the recipient, such as an attached file to approve or a link to reset their password. Phishing attacks are often built on educated guesses, using information the attackers already know about their target.

  1. Protect Yourself Through Company Policy

    Ensure that you have a company policy; a business litigator can help you create one. Your policy should specify what email services should and should not be used for. Include corporate litigation language that addresses some common types of phishing. Examples include:

    • Personal favors from executive-level employees, such as the purchase of gift cards, etc.
    • Invoice payment requests.
    • Emails asking to change your password.
    • Emails asking to follow a link to open a document or open an attachment.

    Notice that these are all examples that may be legitimate use cases for email services. Remember, looking reasonable is how phishing attacks work. The key is to differentiate a valid request from an illegitimate one by spotting the inconsistencies. Alongside a corporate litigation attorney, you can define limits and procedures for these items in your company's policies.

  2. Reduce the Amount of Available Information

    There is a general theory that nothing is unhackable. Hackers are not an unintelligent bunch, and we are continually playing catch-up with them. They invent new ways to exploit systems, and we then respond in turn.

    The easiest method of preventing a data breach, and of avoiding having to hire a litigation lawyer for protection, is not to have the data at all. Go through and permanently delete your old, unneeded emails often. Of course, based on your business needs, this is not always an option, but in any case, having a proper data loss prevention procedure along with deletion policies and email archival can mean the difference between a costly disaster and a minor, single-user breach.

Final Thoughts

Remember that email security is a broad subject. There are many different ways cybercriminals use phishing along with other methods. Also, keep in mind that email can be a safe platform to transmit sensitive data if all necessary precautions are taken.

This article is not an exhaustive guide on email security; phishing is just one piece of it. Luckily, it is an area where you can make substantial gains in preparedness and prevention right away by creating awareness and enhancing policy. As with any platform, proper risk management, planning, and preparedness, with the help of a litigation lawyer, is the only way to make sure that your company is not operating with unnecessarily high risk.

At the Law Offices of Nick Heimlich, we're here to guide you through the process of handling any business litigation case or legal action. You may also reach us by phone at 408-550-7288 or send us an information inquiry via fax at 408-841-7630. Feel free to also send us an email at info@nickheimlichlaw.com.