For years, one of the top infection methods for Advanced Persistent Threat (APT) type attacks has been spear phishing. And for years, one of the best defenses against these attacks has been educating users.
As attackers have become more sophisticated, the old method of telling users not to click on suspicious emails no longer works. Would-be hackers hide their destructive malware in emails that appear to come from people that users know and expect to receive, discussing topics they expect to discuss. And users will open these emails.
This method of attack is very difficult to defend against. I have been discussing best practices with a number of customers and wanted to share my thoughts here.
Don’t take any email at face value, even if it looks like it came from someone you know and from whom you expect to receive messages. Review the content. Is it written in the manner in which the person normally communicates? Does it use strange words or phrases they don’t normally use?
Be suspicious of messages that ask you to open an attachment or otherwise respond immediately. Contact the person through another method such as calling them on the phone to confirm the urgent response. Do not open any attachments until you confirm the request. If the message asks that you click on a link, hover your pointer over the link to reveal the URL. Check to see that the URL looks legitimate.
Also confirm any messages that ask you to release corporate or personal information. Make sure you are dealing with someone authorized to have that information prior to sending anything.
Be suspicious of messages that ask you to open an attachment or otherwise respond immediately.
Does anything in the message make you uncomfortable, or is there something odd or unusual about the communication? If so, confirm the message through another channel or contact security.
You are the first and best line of defense when protecting your company and your personal data. Things that seem unusual or out of place should be scrutinized. Ask yourself:
If you answer yes to any of these questions, reach out to your network security team.
Learn how AT&T Email Security solutions can help protect your email, your data, and your brand against malicious attacks.
Share this with others
READ MORE ARTICLES ON:
Sign up for the AT&T Business newsletter
Your feedback will help us to improve AT&T Business so you continue to have a great experience when visiting us!
This survey is conducted by an independent company ForeSee for AT&T.
Yes, I’ll give feedback!
Please provide the following information to access your document:
* To access your content, please check your browser settings to make sure pop-up windows are allowed.