Those first years of business can be exhilarating. It’s just you and maybe one or two other founders, working hard on building your brand and your customer base. Things are crazy, and your biggest job is to get people talking about your product.

Finally, things start taking off—you begin hiring more people, finances get better, and everything’s looking up. But one day, you look around and realize that you just can’t keep track of everything anymore. Lots of things happen every day that you simply aren’t aware of.

And that’s okay! It’s a natural progression. But now you have an even more important job—people know that you exist, including spammers and hackers who are now after you, your employees, and your data. You know this, and you’re working on setting up the right processes and tools to protect them.

The Dark Side of Email

One of the greatest threats to the security of your business is email. It’s the main form of communication in the modern workplace and the most common tool your employees will use. Naturally, this makes it one of the main ways that hackers try to access your business.

Cyber criminals regularly use email to install malware onto your business’s devices via phishing scams, so this is one of the most important areas for you to protect and monitor. Is all this jargon a little too much for you? No worries—we’ll explain everything you need to worry about here.

Malware

Malware is short for malicious software: any software that’s designed specifically to cause harm or to disrupt a business. It’s most often sent via email. In fact, Verizon found that 66% of malware was installed via malicious email attachments. Once installed, malware can do a wide number of things.

Malware can come in many forms; some of the most common are listed below:

  • Virus—the most common type of malware. You’ve likely heard of or experienced this in one form or another throughout your life as a computer user. It spreads by infecting files and often overloads or shuts down your computer.
  • Worm—a worm is like a virus but can self-replicate without a host program.
  • Trojan horse—like its ancient Greek namesake, a Trojan horse (often simply called a Trojan) disguises itself as a regular program before showing its malicious intent.
  • Spyware—one of the most dangerous forms of malware for a business. Spyware can run in the background on a machine for weeks or even months before being detected, gathering and sending back key information that entire time.
  • Ransomware—one of the most common cyber attacks, although it’s on the decline due to increased security measures. Ransomware is designed to hold your business hostage until you pay a set dollar amount to the hackers. The dollar amount is often designed to be significant, but also not large enough that you could not pay it or would want to involve the authorities, and can cause significant disruption for your customers.
  • Keyloggers—like spyware, a keylogger runs in the background completely unknown to the user. As the name suggests, it logs each keystroke as you type. This is a great way for hackers to gain usernames, passwords, and even full access to your entire system.

Phishing

Phishing is one of the most common ways hackers infiltrate your system. Just like its namesake, phishing occurs when a hacker puts out some “bait” for an employee to click on, and then the link or attachment downloads a malicious threat onto your system. Unfortunately, this problem isn’t going away. In fact, a recent report by Microsoft found that phishing has grown by over 250% and shows no sign of slowing.

This bait can be anything from an email that looks like it’s from management demanding a meeting to an email that’s supposedly from a family member or someone you trust. These attacks are becoming increasingly sophisticated, and it’s easy for anyone to fall for them—41% of phishing domains include just one character swap, which makes it difficult to spot the fake link. Verizon recently showed that 30% of phishing emails are opened; of those, 12% of the users clicked on the infected links or attachments.

Employers often use training as a solution to phishing emails. But based on the statistics and the increased level of sophistication among hackers, training isn’t always effective. Once that malicious link is clicked on, the malware could be in your system for weeks, seeping out data before you even notice.

[BLOG] Office Protect Settings: Audit Logs Always On

How to Prevent Cyber Crime

So what can you do to help prevent email-based cyber crime? We’ve discussed some ways before, and Office Protect has yet another feature to help you: blocking emails from the top spamming countries.

ENISA’s Threat Landscape Report from 2018 found that China and India had the most prolific spam bots in the world, each pumping over 4 billion spam emails per day. Vietnam, Russia, and Iran also made the top 10, with between 500,000 and 1 million spam bots each. If this sounds like a lot, it certainly is—spam now accounts for 85.23% of all email traffic.

Just blocking emails from these countries can substantially reduce your spam volume and help keep your business safe.

Fight Cyber Crime with Office Protect

Now that you know about this amazing feature, you’re probably wondering how you can turn it on. Fortunately, it’s easy! Just access the setting from your dashboard: Go into the settings, and you’ll see the toggle menu, security impact (low), and user impact (low).

You’ll also see the default list of countries: China, India, Vietnam, Estonia, Russia, Congo, Cameroon, Myanmar, Georgia, Kyrgyzstan, Bangladesh, and Iran.

Of course, you might actually do regular business with one of these countries! If that’s the case, you can instead configure your settings to only allow emails from countries you’ve specified, as outlined in this article.

Written by Mathieu Pipe-Rondeau Marketing Communications Specialist @ SherWeb

Mathieu is responsible for SherWeb’s blog content and organic social media. Highly conscious of branding and related communications, he’s constantly on the lookout for new and better ways to showcase SherWeb to the world. Mathieu has ten years of communications and marketing experience, including expertise in knowledge management, process creation and improvement, technical writing and content strategy. When he’s not producing engaging content, Mathieu enjoys cooking, singing and skateboarding with his son.