Email Security

April 28th, 2021
Email Security

Here’s a terrifying statistic: Canadians are, by far, the top target for phishing attacks. According to the RSA Quarterly Fraud Report for Q3 2020, a staggering 56% of phishing attacks target Canadians. The second-most targeted countries only receive 8% of phishing attacks!

The most common medium for phishing attacks is email. That means email security needs to be a top priority for Canadian businesses of all sizes. While we don’t know why so many phishing attacks are targeted at Canadians, an educated guess says that scammers find Canadian targets profitable. This may imply that Canadians aren’t employing sufficiently sophisticated email security standards, protocols, and programs.

Email threat protection software

Information technology companies in Winnipeg should, if they’re security-minded, offer their clients some form of protection against phishing attacks and other email based threats.

At Constant C, we use Vipre to protect our clients from email based attacks. Vipre offers comprehensive protection against both common and uncommon threats, including:

  • Attachment sandboxing (to check email attachments for threats in a safe environment)
  • Bad URL blocking (to block a variety of spoofing and phishing attacks)
  • Six levels of email scanning
  • Indexed and searchable archiving
  • Vipre’s email protection service works on both inbound and outbound emails. This means that if one of your company’s emails has already been compromised, it will catch phishing attempts being sent from your accounts.

    What about Microsoft 365’s email protection?

    The level of protection offered by Microsoft depends on your subscription tier. For Enterprise subscriptions, only E5 offers advanced threat protection. For some businesses, the E5 subscription is worth the money for reasons other than security, like the advanced compliance tools offered.

    For businesses who are only looking for added protection, however, it’s often more cost-effective to subscribe to a different email protection SaaS like Vipre.

    Even compared to Microsoft Defender, Vipre offers a more comprehensive suite of protective features, and more granular controls for administrators.

    Setting up email protection

    When your email protection software is first set up, we’ll advise you to run hourly reports on which emails are being quarantined. Vipre automatically quarantines suspicious looking emails in order to protect your business against phishing attacks.

    Its filter is very powerful - the downside to this is that it will sometimes catch emails from trusted sources. Running an hourly quarantine report allows you to find and whitelist emails from senders that shouldn’t be quarantined.

    The quarantine report will only be run if an email was actually quarantined. In other words, if no email was quarantined, no report will be generated.

    We’ll work with you to fine tune your email protection. It’s best to start with too much protection - you can always whitelist email addresses to make things more convenient. With more than half of all phishing attempts targeting Canadians, the age old adage “Better safe than sorry” couldn’t apply more.