How to Protect Your Business from Email Impersonation Attacks

Saxons Blog

Preventing impersonation attacks on a business requires strong security policies as well as vigilance on the part of employees. Because these attacks exploit human error rather than weaknesses in IT security, employees must be well informed about how to spot email impersonation, regardless of how strong a company's spam filtering and IT security systems are.

What is email impersonation?

Falling under the category of "social engineering", email impersonation is a form of phishing used by cybercriminals. Phishing is a cyber attack in which fraudulent messages are designed to trick an individual into revealing sensitive information or to deploy malicious software on a victim's devices.

Email impersonation involves the attacker posing as an individual the victim has a relationship with. This could be a supplier, a customer, another employee, or even the victim's manager or boss.

What does email impersonation look like?

Email impersonation varies in complexity. Some attempts are poorly written and come from a random email address. Others go to great lengths to deceive: using a visually similar domain, collecting pictures of the individual from online sources, and researching both the person they will impersonate and the person they will target to raise the chance of a successful attack.

Email impersonation: What to look out for

Inconsistencies with email addresses or names:

Often the addresses attackers use for impersonation are slightly altered versions of a legitimate email address, and the reply-to address may differ from the sender's address. Additionally, the display name may match someone you know while the address does not; every email client lets the sender choose their own display name. Common alterations include:

  1. Swapping letters out: "vv" for the letter "w" and "rn" for the letter "m", as in "rnicrosoft"
  2. Replacing letters with numbers: zeros for the letter "o" and ones for "l" or "i"
  3. Dashes, underscores, or periods in names or domains: @company-name.com instead of @companyname.com

Language that induces urgency, fear, or a threatening tone:

Requests for immediate action are one way social engineering attacks such as impersonation play on their victims' emotions. The urgency discourages the target from confirming the request with peers. Sometimes the attacker threatens negative consequences if the request is not completed quickly enough.

Requests for confidentiality:

To further isolate their target, attackers may ask that the request be kept confidential. They may suggest that the employee is involved in an important, exclusive, and secretive operation.

Unusual or new requests:

A common request is for gift cards to be purchased, often worth hundreds or thousands of dollars. Requests for sensitive information such as banking details, or for money transfers, are also common. Attackers often impersonate CEOs or managers for these types of attacks.


How can you protect your business from email impersonation attacks?

There are three key points to follow to protect against social engineering attacks of any kind, including impersonation attacks.

1. Education

Ensure all employees are well informed about, and understand the risks of, social engineering attacks such as impersonation.

2. Vigilance

As a baseline, always look at the sender's email address before responding to or actioning a request. Many impersonation emails come from an address with an incorrect domain. If you normally receive emails from joe@business.com but are now getting emails from joe@bus1ness.com, flag this with your management and IT immediately.
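The following check automates the address inconsistencies listed earlier (letter swaps, digit substitutions, added separators) together with the display-name, domain and reply-to comparisons described in this step. It is an added example, not code from the original post; the contact list and trusted domains are constructed sample data standing in for a real address book or mail gateway.

```python
import re
from email.utils import parseaddr

# Constructed sample data (assumption: in a real deployment these come from
# your address book and mail gateway rather than being hard-coded).
KNOWN_CONTACTS = {"joe smith": "joe@business.com", "it support": "help@companyname.com"}
TRUSTED_DOMAINS = {"business.com", "companyname.com", "microsoft.com"}

# Visual substitutions from the post: two-character swaps first, then digits.
# "1" can stand in for either "l" or "i", so both collapse to "l".
SUBSTITUTIONS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("i", "l")]

def skeleton(domain: str) -> str:
    """Reduce a domain to a canonical form so visual lookalikes compare equal."""
    d = domain.lower()
    for lookalike, real in SUBSTITUTIONS:
        d = d.replace(lookalike, real)
    return re.sub(r"[-_.]", "", d)  # drop dashes, underscores and periods

TRUSTED_SKELETONS = {skeleton(d): d for d in TRUSTED_DOMAINS}

def domain_of(address: str) -> str:
    return address.rpartition("@")[2].lower()

def check_headers(from_header: str, reply_to_header: str = "") -> list:
    """Return warnings for a From / Reply-To header pair; empty list means nothing odd."""
    warnings = []
    display, address = parseaddr(from_header)
    sender_domain = domain_of(address)

    # 1. Display name belongs to a known contact but the address does not match.
    expected = KNOWN_CONTACTS.get(display.strip().lower())
    if expected and expected != address.lower():
        warnings.append(f"display name '{display}' expected {expected}, got {address}")

    # 2. Domain is not trusted but collapses to the same skeleton as a trusted one.
    if sender_domain not in TRUSTED_DOMAINS:
        match = TRUSTED_SKELETONS.get(skeleton(sender_domain))
        if match:
            warnings.append(f"domain {sender_domain} looks like {match}")

    # 3. Reply-To points at a different domain from the visible sender.
    if reply_to_header:
        _, reply_addr = parseaddr(reply_to_header)
        if domain_of(reply_addr) != sender_domain:
            warnings.append(f"reply-to domain {domain_of(reply_addr)} differs from {sender_domain}")
    return warnings
```

A hit on any of the three checks is a reason to verify out of band, not proof of an attack; legitimate senders do occasionally use a separate reply-to address.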

3. Communication

Open communication is critical to stopping impersonation attacks that vigilance, as described above, does not catch. Whenever anyone is unsure about the legitimacy of an email, there must be an environment of open communication in which individuals feel confident contacting the supposed sender directly, through a known channel, to verify its authenticity, regardless of any claimed urgency.
