Security software company Webroot Software released the results of its most recent State of Internet Security Report – Protecting Business Email.
For the SOIS report, Webroot surveyed 1,500 email security product decision makers in companies across seven countries. The report finds that close to 80% of U.S. businesses surveyed experienced a spam attack last year while half also experienced spyware, virus and phishing attacks. The report discusses these attacks in-depth while also offering helpful information on legal compliance, internal sabotage and the type of protection you need to keep your business safe from attack.
Risks to and from Email are Prevalent
- More than half surveyed experienced spyware and virus attacks via email and over 40 percent experienced a phishing attack;
- About one out of five organizations reported that sensitive online transactions were threatened and confidential information was compromised as a result of spam;
- Over 60 percent of respondents had at least one email outage in 2007; and
- One out of three survey respondents said that the hourly cost of an email outage is over $1,000.
Employee Behavior Increases Email Security Risks
- Individual email users open messages before realizing they are spam, open messages in junk folders and even make purchases from emails marked as spam;
- The 2007 eCrime Watch report found that current employees were second only to hackers as groups that pose the greatest cyber security threat to organizations; and
- One out of three organizations reported employee misuse of email resources.
Few Companies Have Protective Policies in Place
- Less than a third of organizations surveyed have key employee email security policies in place; and,
- Less than half of companies with more than 100 computers have policies in place to restrict employees’ personal email use.
How to Protect Your Network:
Begin with common sense –
- Be careful when opening attachments
- DO NOT click on links within an email unless you are 100% sure of the source (NEVER click on links in emails claiming to be from PayPal or your bank – instead go directly to the website from your browser, or pick up the phone and call the company to see if the request is real.)
- Beware of viruses embedded in HTML emails
- Make sure your network has an antispam filter
- Have an antivirus program that scans emails and attachments before you open them
- Use antispyware protection and keep it up to date
- Consider using email encryption, especially if you transmit sensitive company and/or customer information
- Institute and enforce policies to restrict personal email use by employees