...And what to do about it.
There is a
difference between emails. There is spam and there is junk. Do you know the
what the difference is? Junk is anything that comes from a legitimate source,
usually in the form of a marketing email. Spam comes from a less-than ethical
source and can take any form. Usually with the intent of getting a user to
click on a link. The link can then lead to a variety of sites with varying
purposes. If the email is a 'Phishing" email, then the intent is to get
you to provide credentials or other sensitive information that can then be
utilized by the threat actor to perform some nefarious action.
The other type of
link is to provide you with a piece of malicious software and that is usually
without your consent or knowledge. This can allow even more serious activity to
take place on your system and with your data. In the rare case, the link will provide
both a place to enter in credentials and a download to your system. In all
three cases, company data and personal data are placed at great risk.
Junk mail on the
other hand just fills your mailbox and provides you the activity of having to
take time to delete it. Not nefarious, just a pain.
Training users to know the difference and how to respond to it can save a lot of work for the security analyst.
For instance, in Outlook there is an option to set up Junk E-mail Options. This can be a great tool for end users, but they must be trained on what it means to them and their daily mail habits. Not only junk will get caught by this, and new addresses need to be constantly added to the Safe Senders list.
No comments:
Post a Comment