A few more ways that you can avoid being prey:

1. Employ a robust email software security solution that can detect phishing emails before they reach an end-user. Even if a solution is unable to detect all phishing and spear-phishing emails sent today, a solution that detects an appreciable percentage of phishing messages can decrease your organization’s exposure to phishing-based threats.
2. Leverage user awareness training that addresses real-world email phishing techniques used by threat actors today. For example, teach end users that ransomware attackers are hijacking email accounts and inserting themselves into ongoing conversations to introduce malicious attachments or links into a conversation appearing to come from a trusted user.
3. Caution vigilance for “reply all” emails that contain only an attachment or link with a very brief or no message.
4. Emphasize that “unpaid invoices” is a very common phishing lure."

Citation:
Dwyer, J. (2021, November 30). Understanding the Adversary: How Ransomware Attacks Happen. Security Intelligence.
https://securityintelligence.com/posts/how-ransomware-attacks-happen/