13.05.2022

Phishing attacks and how Google protects you

While many people are enthusiastic about the benefits of a hybrid workplace, it is critical to address one of the top worries among C-level executives: security. Working from anywhere also means that certain risks rise. 2021 was a record-breaking year for cyberattacks, and the number, intensity and variety of these attacks are expected to increase in 2022. In fact, Check Point reported that cyberattacks increased 50% last year, reaching an average of 925 cyberattacks per week per organization. Phishing attacks accounted for over 80% of those and cost affected organizations $4.65 million on average.

So what are phishing attacks?

Phishing attacks are the most common and dangerous because they involve social engineering. In emails and messages, phishing schemes exploit human emotions and impulsiveness to get recipients to click on a malicious link or open a corrupted attachment, at which point the whole organization becomes vulnerable. Most commonly, these emails seem to come from a trustworthy source and call for urgent action: to redeem a gift, confirm the content of an attached document, claim a reward, etc.

How to protect your organization?

Education

Educating the workforce about the threats, the strategies attackers use and what to avoid is the main tool. Training is suggested to help people identify phishing and report it accordingly in Gmail. But human errors are still common. With phishing attacks becoming more sophisticated by the day, technology needs to be part of the protection equation more and more.

Google protection

Google does a lot to protect Gmail users. It employs advanced AI-enhanced spam filtering capabilities to block over 10 million spam emails every minute and claims to catch 99.99% of spam, phishing and malware emails before they reach your inbox. Google has also implemented multiple safety mechanisms.

  • Safe Browsing that identifies dangerous links in emails and warns you before opening.
  • Proactive alerts before downloading a potentially harmful attachment.
  • Account safety protects against suspicious login attempts by monitoring several security signals and offers the Advanced Protection Program to the accounts most at risk.
  • Confidential mode that removes options for forwarding, copying, downloading or printing emails after a set period of time.
  • Email encryption at rest and while in transit between data centers with Transport Layer Security.
  • Google’s Attachment Protection helps to secure against encrypted attachments (which cannot be scanned for malware), attachments from untrusted senders, and anomalous attachment types.

Tools for organizations

In addition to Google's protective measures, Google Workspace account administrators can take a number of steps to improve security for their users.

  • 2-step Verification is the best way to secure emails from unwanted access even if the password is compromised. Users will have to use a second form of identification (phone, email, mobile app, USB key) to log in.
  • Password Alert is a Chrome extension that administrators can deploy on all account devices. It checks for fake Google sign-in pages and enforces a password change policy when such an event is registered.
  • Trusted Apps can be selected by the administrator to specify apps that can ask for users’ credentials.
  • External Reply Warnings are shown when there is a new email interaction with an account that is not connected with the company’s domain.
  • Android Work Profile separates apps used for work from those used for personal purposes. This separates company data from personal data on the mobile device and allows the installation of certain apps to be blocked on the work profile.
  • Whitelisting, Greylisting and Blacklisting allow you to sort emails into those your organization should receive, reject before sender verification or block completely.
  • Gmail Anti-Phishing Tool is for damage control when a phishing email gets through the filtering measures. With it you can find and remove the email before it causes further damage.

However many information security trainings C-level executives provide to the workforce, they cannot be sure that people change the default password on their home Wi-Fi router or avoid connecting to the public Wi-Fi in the downstairs café. It is the technology and tools provided that will eliminate many of the risks.