In early 2016, John Ngugi, an IT support manager at a local firm received an email from his boss with a PDF attachment marked ‘congratulations’ and everyone could see the joy on his face even before he opened the file. He immediately sent his trusted workmate an SMS asking they meet after work. He had worked at the firm for over three years and had talked to his boss earlier about a promotion and salary increment.
However, when he opened the PDF attachment he was led into an admin panel asking for more personal identification details. Though he was the firm’s IT support manager, he naively filled in the forms hoping they were coming from the firm’s US headquarters. The following morning, the whole firm’s computers and intranet had been taken over and no one could not access their files. This brought the firm to a standstill.
Using those phishing emails, the hackers gained access and infiltrated the firm’s intranet with malware and froze its operations for nearly a week until specialists were called in to subvert them and decrypt all the data; saving the FMCG millions of money in ransom.
However, the battle didn’t stop there. The hackers threatened to publish the company’s private data on various forums and weblogs if they were not paid in 24 hours. Though the firm wanted to pay, the specialists warned against this saying that would make them a target of even bigger syndicates. Together with the specialists the firm began to seriously shop around for something bigger than computer antivirus for its email and data security.
The specialists recommended Mimecast as the best for email security and data protection to stop ransomware and data leaks, spam mails,phishing and impersonation attacks. Using Mimecast Targeted Threat Protection which scans all emails to identify and block malicious URLs and checking them for malware the firm has been able to prevent the earlier hackers from reaching it as well as protecting itself from new incidents.
The specialists also recommended Mimecast Attachment Protect which stops ransomware attacks by preventing email users from opening infected email attachments just like my friend did. The software scans all email attachments for malware and cleans any infected files before users access them.
According to Ngugi, Mimecast has been helpful in preventing fraud from malicious hackers who pose to be company employees or affiliates.
“Using Mimecast Impersonation Protect, our firm has been able to prevent attacks from people who pose as workmates, trusted supervisors or former business partner or in my instance; those who pose as my boss or from the HR department from the headquarter,” Ngugi told TechMoran. “It’s so easy to open an attachment from a familiar source but Mimecast scans them and alerts the user not to click on the attachments or head to the URL in the email. Most of these malicious emails now end up in my spam folder.”
A recent report by Forrester Consulting, indicates that 99 percent of organizations out of the 253 surveyed had experienced such malicious emails in the past 24 months. The report adds that 40 percent of the respondents experienced business compromise/impersonation attacks while 36 percent experienced insider emailing sensitive data; and 44 percent experienced phishing attacks all due to internal threats.
With such increasing threats, Ngugi says firms can save a lot of time and money by using Mimecast’s email security, email continuity and email archiving systems which aims to help organizations to safeguard their emails, stop data leakages and send protected messages both internally and externally. Mimecast Email Security services protect email users against phishing attacks,ransomware, act as spam guard and anti-virus protection as well as encrypt emails to ensure secure file transfer.