Not long ago, the use of email to transmit sensitive communications was a relatively rare practice, as the service had not yet started to become ubiquitous in the private and public sectors, but was almost solely popular among consumers. What's more, the hacking community has yet to become as aggressive or money-driven back in the early 2000s, whereas cybercrime is now a robust, multi-billion dollar industry in the modern market.
One would be hard-pressed to find an organization that does not use email solutions for a significant portion of its communications processes, while those firms in the health care and financial services sector have likely seen an increase in breaches that relate back to these tools. In fact, several recent breaches, including one that took place at a hospital in San Diego, was traced back to an errant email in which the sender accidentally included a sensitive attachment without knowing.
Phishing and spam - two of the biggest threats involved in email security - have been around for nearly two decades now. Whereas these once yielded only a pesky computer virus that at worst embarrassed the victim as it spread to his or her friends, the attackers are now leveraging these types of tactics to steal extremely sensitive information from unsuspecting recipients, commit significant fraud and damage businesses on a large scale.
In short, the time is now for businesses to begin using email encryption and other protective frameworks to avoid the fallout of these threats.
Recent uptick traced back to breach
ABC 7 recently reported that the eBay security incident is actually leading to even more diverse types of dangers for customers, as phishing and malicious spam emails hidden under the guise of the major online auction site have been tracked. Notably, the source pointed out that the firm took roughly one week between the time of the initial announcement and the mass sending of emails to customers to suggest changing their passwords.
The breach was one of many to hit the major media in the past few months, while the retail industry has been among the biggest losers in terms of data and account management. According to the news provider, although eBay's notification emails to customers did not include this important piece of advice, experts are urging those involved to not click on any of the links within those communications.
ABC 7 pointed out that phishing and spam emails can often look extremely legitimate, but once the user clicks a link and changes his or her password through the destination website, the account might be entirely compromised. Instead, the source stated that users always go to the eBay website through their web browsers and manually change their account information there.
Another public sector organization fails
CBC News reported that the Department of Justice in Canada took a relatively unique and progressive approach to evaluating the proficiency of its email security capabilities by sending thousands of its employees phishing-like links to see how many were aware of the dangers. According to the source, the results were certainly not enviable, as more than one-third of the 5,000 employees who received the links clicked on the link.
Interestingly, the source pointed out that the broader average among the general population is only 5 percent, meaning that employees in a federal agency that handles some of the most sensitive data around are less prepared than consumers.
Businesses should not hesitate to strengthen the security of their data and networks through the procurement and deployment of advanced email encryption tools.