Security Awareness

Our solution

We’ll take an unexpected tack… Needless to say, technology does not score 100% in terms of email security.

Is user awareness the replacement for technical protections?

First of all, let’s take a look at what all comes in via email.

First of all we have spam or unwanted emails. These contain a form of advertising and can often be disruptive, but are otherwise harmless. This forms the largest group of incoming unwanted emails.

The next category is messages containing a virus or malicious code. For example, the attachment contains a Trojan horse or a just-generated ransomware. On- and offline techniques will recognize and block these. The frequency of such attacks is getting smaller by the day.

These groups of email messages are generally removed by so-called “anti-spam” systems even before they arrive in your mailbox.

It gets more difficult when the hacker starts fishing. Whether it is general “phishing” or targeted “spear-phishing”, it is not obvious for a computer system to distinguish these mails – which do not have an attachment – from mail with a legitimate request. For this, AI systems are used that compare historical information to recognize found patterns in new mails.

The possibilities for a hacker to fool the user are therefore numerous. They can play on your personal interests or try to lure you to fake web pages where you have to log in to know your password.

It only becomes really difficult to recognize an attack when the mail actually leaves the legitimate sender’s mailbox. For example, if a supplier has fallen into the trap, then a seemingly genuine e-mail may be sent from there asking you to pay all invoices to a new account number from now on. This “account takeover” can also be recognized by AI systems.

(Spear) phishing is the largest growing group among unwanted emails. The hackers are also becoming more inventive and professional. It is therefore not surprising that such an email occasionally slips through the cracks. That is why User Awareness trainings are indispensable and form the last link in your email security story.

Because not everyone is equally strong in this, users can help each other by reporting the mails, after which they can be removed from the mailboxes of the other users.

Then back to the original question. If we did not use all these technologies, we would be inundated with unwanted mails of all kinds. Even just the phishing mails are a nuisance in terms of quantity. After all, each user has to do individual analysis. The chance of clicking a little too quickly on a down day with little time also increases when the number of phishing mails increases.

So a good combination is the message.

Moreover, there is more than just email security. You can also just surf to a wrong website, blindly pay a paper bill, or respond to a phone or text message. Again, the combination of technology and user awareness training.

Kappa Data

Kappa Data has developed an extensive range of Cyber Security Awareness services that you can use as a partner. Send phishing simulations to end users, train them using short informative videos or organize real user awareness trainings.

Learn more about the Barracuda Cyber Security Awareness Program.