In 2023, email impersonation represents nearly 99% of email threats reported in employee inboxes. During his recent interview with SC Media Security Weekly Podcast, John Wilson delves deep into threat actors' common techniques and shares strategies for defending against email impersonation.
Originally published in Security Weekly Podcast.
Excerpt:
“From an email administrator’s point of view, job one is getting the mail delivered, and job two is blocking as many scams as possible. The challenge is in the edge cases, such as when you have a new contract and all the signals indicate potential fraud. It’s coming from a company you don’t (yet) have a relationship with, it’s talking about money, there is urgency, and it’s coming on the last day of the month. These are all the things that normally spell danger but also are completely legitimate in business. That’s the challenge, and what we recommend is training. Have a security awareness program that includes phishing simulation because once people are exposed to a few scams, they become very easy to recognize.”
Watch the full interview here.