2019 State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Prevent spear phishing attacks with Mimecast.
As phishing and spear phishing attacks continue to become more prevalent, organizations are seeking advanced solutions to prevent spear phishing and other targeted threats.
Spear phishing is a variation on email phishing scams that seeks to entice users to click on a malicious URL in an email that appears to come from a trusted source. Attackers may use spoofed Internet addresses or domain names, as well as social engineering techniques to fool employees into trusting the content of an email.
The risks are significant. 1More than 91% of hacking attacks today began with a phishing or spear phishing email and roughly 23% of phishing emails are open by employees even after they have received training to spot potential fraudulent messages.
To prevent spear phishing and other targeted threats, Mimecast provides a leading email security service to stop phishing emails from infiltrating corporate email infrastructures.
Targeted Threat Protection is part of Mimecast's all-in-one subscription service for managing email security, archiving and continuity more effectively. This solution helps prevent spear phishing and other advanced threats such as CFO Fraud andvirus ransomware by defending against malicious links email, weaponized attachments and social engineering techniques.
Mimecast helps prevent spear phishing attacks by providing comprehensive protection that can be easily managed and requires no additional infrastructure or IT overhead.
To prevent spear phishing attacks and other similar threats, Mimecast Targeted Threat Protection provides phishing protection against the three most dangerous attack techniques:
Learn more about how to prevent spear phishing with Mimecast, and about solutions for stopping Office 365 phishingattempts.
What is a spear-phishing scam?
A spear phishing scam is a highly targeted cyber-attack where attackers send email ostensibly from a trusted individual or a legitimate business. The email is designed to convince a target to take actions that can harm their company or divulge sensitive information that attackers can use to gain access to networks, email accounts and financial accounts.
How do you recognize a spear-phishing email?
There are several ways to spot and prevent a spear-phishing attack. A spear-phishing email may include:
How can you prevent spear-phishing attacks?
One of the most effective ways to prevent spear-phishing attacks is to address the problem of human error – one of the biggest contributors to security breaches. To prevent spear-phishing attacks, companies can educate employees about how these attacks work, and about best practices for avoiding them. Security awareness training can help users to identify the telltale signs of a spear-phishing attack and to take certain actions – like confirming out-of-the-ordinary requests by phone – when emails appear to be suspicious.
How to prevent spear-phishing emails from entering my mailbox?
To prevent spear-phishing emails from reaching the inboxes of users, organizations can deploy technologies that include:
Where do I report a spear-phishing attempt?
Spear-phishing emails can be reported to a number of organizations dedicated to helping to prevent spear-phishing attacks. These include the Federal Trade Commission (www.ftc.gov/complaint), the Cybersecurity and Infrastructure Security Agency (firstname.lastname@example.org) and the Anti-Phishing Working Group (www.antiphishing.org/report-phishing). Users should also report spear-phishing emails to their company’s IT department, to the sender that the email is impersonating, and to the email provider who can take steps to adjust anti-malware and anti-spam filters to more effectively prevent spear-phishing attacks.