• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Network Security

How to Protect Your Business from Dangerous Spam and Phishing Emails

Spam and phishing attacks can cripple a company. Keep your business safe with these tips.

January 16, 2017 Jeff Olejnik 3 Comments

There are not many ways to break into a bank; however, gaining access to personal bank accounts is becoming a very common way for criminals to get in.  One way this is achieved is by clicking on a link within an email.  Spam is very cost effective for cyber criminals, as emailing is a near free service to send tens of thousands of messages in very little time.  And the fake emails are often disguised to look like a message sent from the bank.

Email is an open door into your network; data passes through it every day. If you are like most small businesses, each email address receives a ton of messages.  If criminals want to break in, some will be sneaky and throw on a disguise.  By pretending to be someone else, such as someone you know, they will try to earn enough of your trust to steal from you.  This includes messages that appear to be sent by your bank. Spammers will use the bank name, logos and include an urgent message to “log into” a fake website, giving the spammers your bank credentials.

Here’s how email phishing works:

  1. A criminal sends an email which appears to come from a trusted sender, such as a bank or a known contact.
  2. The email gives the recipient a message that requires action, such as logging into your account by following a link.
  3. The link is directed to the spammers website, not the intended banks home page.
  4. If you enter your credentials, the criminals now have your password!

It is difficult catch all emails, even in our office sometimes a piece of spam slips though our filters, but here are a few simple reminders to keep top of mind:

  • Even if you recognize the sender, it is best to access the website directly by typing it in your browser instead of clicking the link from your email. This is especially true for emails from financial institutions.
  • If you receive an urgent message from a known contact, do not click any links or download any attachments. You should verify this contact intended to send you such an email, especially if the urgent message seems fishy.
  • Never send private information via email.  Legitimate companies will never ask you to send passwords, credit card numbers, social security numbers, or any other important information via email.
  • Consider 2 factor authentications which is easily setup though your online bank to have a 2nd password generally sent as a text message to your cell phone.
  • Review subscription based firewalls, also called Unified Threat Management (UTM).
  • Spam filtering is a must in this day and age, even if your mail host has a spam filter; definitely consider a service if spam is still reaching your inbox.
  • Antivirus is one of the last lines of defense; you should not leave the maintenance of the virus definitions nor the alerting of a virus infection up to the end user (employee). Your IT/Managed Service Provider (MSP) can provide Managed Anti-Virus and keep subscriptions up to date, and ensure workstations are scanned regularly.  They are also alerted of any virus infections and can react quickly versus an employee who may not be behind their computer to notice the virus infection notification.
  • Have at least 3 copies of your critical data, and 1 of those copies should be off-site using a cloud backup solution from a MSP.

Social engineering is becoming smarter, in the past you could spot spam simply by the misspellings, but today the spam messages are spelled and worded much better.  They even appear to come from your bank by using their name and logo.

Business owners can protect their information and train their employees with security awareness.  This is a service or a program that sends out factious emails to the staff, asking for a response.  If the user does the wrong thing of clicking the link, a message is displayed stating that it was sent by IT support as a training exercise.  These types of services can also include a mandatory 10 minute training video when they take action on the factious email.  This is important as it explains to the employee on how to spot phishing emails and stresses the risks associated with clicking an email link or opening an email attachment from an unknown source.

Your IT provider can offer layered security, firewall, antivirus, spam filtering, web protection, backup and patch management to lower your chances of being infected should a dangerous piece of spam enter your network and convinces a user to inadvertently install an infection.  You might be surprised how inexpensive business grade protection can be; additionally, it takes away the added stress imposed on the business owner, allowing them to focus their time on other items.

 

Jeff Olejnik is the President of Newport Solutions, Inc. He has been an ASCII group member since 2016.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Corporate, Cyber Attacks, Email

Related Content:

  • Cybersecurity and information or network protection. Future technology web services for business and internet project CrowdStrike Cyber Armageddon: How Do Firms Now Build…
  • DDoS, NETSCOUT Arbor Insight 7 Layers of DDoS Attacks and How To…
  • cisco webex-rooms-modern-space AVI-SPL Receives Cisco 2023 Reimagine Workspaces Partner of…
  • data breach Nearly 900 Schools Impacted by National Student Clearinghouse…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Comments

  1. black diamond ring says

    January 31, 2017 at 1:35 am

    It’s awesome in favor of me to have a web site,
    which is good in favor of my experience. thanks admin

    Reply
  2. AOL Tech Support says

    January 11, 2019 at 7:08 am

    Most of the organization are using the email for sending and receiving the documents online. you can simply protect your business dangerous spam phishing emails by using the password.

    Reply
  3. Shayla Cademis says

    June 19, 2019 at 9:36 am

    Thanks for the suggestion to get an antivirus system and to have IT or MSP keep the subscription up to date. My cousin is thinking of starting a company, but she’ll be working with a lot of confidential information that relates to clients and business operations. Hopefully she can find a great email protection support as she works to start up her business!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.