Keeping Your Employee Email Safe

employee email safety_Now IT Connects

Email is one of the most powerful tools you have to stay connected to your team and customers. But because it is so essential to doing business, email is a very popular target for hackers and other bad actors. Here are a few email security tips from the Now IT Connects experts. Which ones will you implement today?

Email Security Tip 1: Encourage Strong Email Passwords

A strong password is an email account’s first line of defense. Encourage employees to set strong passwords and require them to change them every so often. Strong passwords use a combination of lowercase and uppercase letters, numbers, and special characters. They do not include personal information that could be looked up on social media.

To create very strong passwords, ask your employees to think of a memorable phrase (for example, “I Love Now IT Connects”). Then, shorten it to the first letter in each word (ILNIC). Next, add numbers in between each letter (I1L2N3I4C). Put an exclamation point at the end (I1L2N3I4C!), and you have a password that will be very difficult for hackers to guess.

Email Security Tip 2: Require a Secure Internet Connection

A strong password won’t protect an email account that is accessed on public WiFi or other unsecure internet connection. Unsecure networks are easily accessible by bad actors, leaving you and your employees exposed to all sorts of cybercrimes, including identity theft, malware, and ransomware attacks.

Work with your managed IT and network security team to secure your network with a combination of hardware, software, and employee education. Once you have the appropriate hardware and software in place, train your team on why it’s important to only access their email and work applications over a secure network. If they are working remotely at home or at a coffee shop, require them to use a Virtual Private Network, or VPN, that will make it nearly impossible for bad actors to find and gain access to your network.

Email Security Tip 3: Teach Email Smarts

Attacks on email are constantly evolving, which is why it’s important to provide regular employee training on new email threats and how to spot and prevent them. Phishing scams, for example, are becoming increasingly sophisticated. Phishing emails may look completely legitimate to an untrained eye or an employee in a rush. But clicking on a link, opening an attachment, or taking another action from a phishing email can create an IT disaster for your company. Train your employees on the types of cyber threats they may encounter. You can even hire Now IT Connects to test your employees with a fake phishing email.

Protecting your employees’ email keeps your entire network and company safe. Protect your data with robust email security. Contact Now IT Connects for expert email support.

Do People Really Fall for Email Phishing Scams? Oh Yes.

email phishing scams_Now IT Connects_Clearwater Minnesota

If you consider yourself a savvy email user, you probably have a hard time believing people actually fall for spam and phishing email scams. How can they not tell the email is fake?

Email scams are becoming increasingly sophisticated. We’ve seen some that spoof a company owner’s name, email address, and even email signature, complete with logo and headshot. As employees get savvier, so do the hackers.

Recently, a Now IT Connects client asked our team to test their employees’ email acuity. Here’s a look at what happened.

Something’s Phishy

The Now IT Connects team designed a phishing email that spoofed one of the company’s leader’s emails. The email looked as if it came from the leader and used their name in the From line of the email. The email asked employees to submit their network username and password through a link in the email. The link appeared to be the login page for the company network, but that was fake as well. If employees took the bait, it would allow us to capture their network credentials and log into the company’s actual network.

. . . or Not

The email looked as though the boss was asking for an employee’s credentials, which seems legit. But reassuringly, 93 percent of employees thought the email looked phishy and ignored it.

However, 7 percent of employees took the bait! Of that number, four actually tried to submit their credentials to the fake login page. Fortunately, none of them remembered their credentials, so no sensitive data was compromised.

The Debrief

After our test, our customer asked us to come in and speak with their team. We explained that the email was indeed a fake, but that some people in the company fell for it. Then, we helped everyone understand what to look for when judging whether or not an email is legitimate. The test was a real-world example of how easy it is to be tricked by a phishing or spam email.

Now IT Connects offers these email tests to anyone who would like to evaluate the email acumen of their staff. You do not have to be a current client of ours to take advantage of this valuable service. If you’d like to schedule an email test for your company, contact Now IT Connects today.