Online is Easy - Web Design & Training - empowering small business


Email hacking: is your business protected?

Flinders Street Station, Melbourne, Australia | Matt Zhang, 22/12/2018 | Unsplash License

The uncomfortable truth is that business emails are highly vulnerable to cybercrime.

Apple is the number one most imitated company in phishing scams

94% of Malware is delivered via email

In Australia, there is one cybercrime approximately every seven minutes

Data belonging to more than 5.6 billion individuals and businesses was compromised in the fifteen largest breaches this century.

Some of those companies are big names in the tech industry. Alibaba, Adobe, Myspace, LinkedIn and Facebook are among them. The largest of these leaks affected Yahoo, when the data of over 3 billion users was compromised as the result of a single breach (csoonline.com).

Cyberspace has become a battleground, according to the Australian Cyber Security Centre (ACSC). In July 2021, the Australian Government publicly attributed exploitation of Microsoft Exchange vulnerabilities to China’s Ministry of State Security.

According to a 2021 Credit Suisse report, Australia has the highest median wealth per adult in the world, making its prosperity an attractive target for cybercriminals. In 2021–22, cybercrimes directed at individuals, such as internet banking and online shopping compromise, remained among the most common. 

From the corporate perspective, Business Email Compromise (BEC) resulting from invoice fraud, employee impersonation and company impersonation also topped the list, with a trend towards high-value transactions, e.g. property settlements and payroll bank transfers.

Financial losses specifically due to BEC rose to over $98 million nationally, costing small businesses an average of $39,000 per cybercrime report and a staggering $88,000 for medium businesses. 

Australia’s commonwealth-funded cyber security hotline has seen an increase of 15% in calls compared to the previous financial year, currently averaging 69 calls per day. Statistics tell us many incidents remain underreported, suggesting those losses may only be the tip of the iceberg.

While many avenues are exploited by cyber criminals (explained in more detail below), one of the most fundamental pathways is through email accounts. Often described as the key to an individual’s digital footprint, your email account is usually the place that you’ll come back to when resetting passwords and managing your online accounts. Should a cyber criminal compromise you here, a domino effect on your entire digital footprint can follow.

How does getting hacked impact your company’s reputation?

  1. It results in a loss of trust
    A customer will think twice before buying any of your products or services.

  2. Negative word of mouth
    Bad experiences will start circulating, either through complaints on social media, direct posts on the reviews section of your Google Business Profile, or your alternative review software/platform.

  3. Loss of potential customers
    Your business competitors will eventually reap the benefits, as potential customers will instead pay extra for providers of the same service with better security.

Are you frustrated with your email workflow and existing security?

Is your business suffering from a multi-layered email system, such as Webmail, Outlook, Yahoo, Apple Mail, Thunderbird, etc.? Do you find yourself losing emails and files?

Gmail’s got you covered in regards to email security. With more than 1.5 billion active users across the world, Gmail has a multitude of excellent built-in safeguards embedded in their software.

It utilises a seamless, dynamic email system that allows you to operate more efficiently, acting as a digital shield for your email with its state-of-the-art security features.

The big question: Should you feel safe using Gmail?

The short answer is: “YES”

Here are 3 of the many reasons:

  1. Gmail uses cryptographic protocols that provide end-to-end security while your data is in transit

  2. Gmail enforces 2-Factor Authentication (2FA): what you know (username/password) and what you have (physical device, phone, tablet, desktop), to provide your account with impregnable protection against unauthorised logins

  3. Gmail can detect and classify spoof-like emails, displaying an alert banner, warning you of any potential scams 


8 of the most serious security risks that are commonplace right now:

  1. SMS Scams
    There is a huge number of postage- and bank-themed SMS phishing messages circulating now.

  2. Malware
    Google is monitoring 300 billion attachments that travel across its servers each week, with attachments being hotspots for malware, particularly Microsoft Word and PDF files.

  3. Online Shopping Scams
    What appears to be a legitimate website selling products at a discount could actually be a fraud.

  4. Double Check for Social Engineering
    An impersonator will act like the representative of a well-known company and try to bait you for information so they can access your accounts/devices.

  5. Do Not Engage with Email Spam
    When you get unsolicited messages sent in bulk by email (spamming) with nasty hidden features underneath them - don’t click!

  6. Protect Your Passwords
    Did you know someone can find out what password you are typing when you’re connected to public Wi-Fi, using a simple keylogger virus?

  7. Check for Email Spoofing
    This is when an email appears to have been sent by someone when in fact it's not really them.
    Can you spot the difference between these 2 emails?
    support@onlineiseasy.com.au and support@onllineiseasy.com.au

  8. Stay Wary of other Spoofing Methods
    This is when an email tries to trick people into giving up sensitive information by appearing to be a "legitimate" request from a trusted source.

[Images: examples of spoofed emails. Image: usecure.io]

Sadly, there are many, many, many more …

After the Optus, MediBank and Medlab data breaches, most of our data has unfortunately been circulating on the dark web, either to be used for marketing purposes or other malicious activities, and it’s going to have quite a long-term impact. You might not get a spam/phishing call or email today, but instead months or years later.

With the recent breaches, members of our team have been impacted by spoofed and spam emails. In light of this, we examined our offerings and created a security upgrade for Google Workspace email accounts.


What’s the solution?

Our new Email Security setup will significantly reduce the possibility of scams, fraud and theft.

In today's world, we have got to be responsible for the security and privacy of our organisational data, as well as our team's digital footprint. Google Workspace offers powerful tools to help mitigate the risks; would you like us to set it up for you?

  • Secure DNS Records

  • Enhance TLS encryption
    Cryptographically secure protocol for email and web browsers

  • Email attachment protection

  • Spoofing, authentication, spam, phishing and malware policies

  • Suspicious link protection

  • Warning prompts prior to clicking links

  • Google Protect - stops you from putting your Google details into a masked website

  • Dashboard setup that helps you understand details like delivery errors, spam reports, feedback loops, and more.

Pro Tip!!

Always keep your web browser updated! We highly recommend Google Chrome as your default web browser.

How much does Email Security cost?

Our Email Security setup for Google Workspace is a once-off fee of $395 and, in most circumstances, can be fully implemented within 48 hours of your purchase.

Can my Gmail account still get hacked?

If you’re working with internet-connected services, anything can be ‘hacked’.

The crucial thing here is that you need to actively protect your account’s safety and recognise any suspicious activity happening inside it. Because human error is one of the biggest factors in security breaches, we need to practise awareness and keep up to date with what is happening in the global online security climate.


Implications Being:

  • Identity theft

  • Loss of money

  • Damaged reputation

  • Digital assets theft

  • Loss of productivity

What if you get a phishing email?

  • STOP!! DO NOT CLICK ANY SUSPICIOUS LINKS!!

  • Use strong passwords - Remember, the more complex your password, the more time, effort and intensive computing resources are required to crack the code.

  • Use a paid password keeper. We recommend & support RoboForm, it’s cheap, easy to use and, unlike other keepers, has never been hacked or compromised (we’ve used it for 7 years now).

  • If you get a call, always ask for the caller's identity, company and credentials. Even though they sound Australian, you must bear in mind the fact that not all hackers come from overseas. Never share authentication codes or give any information to anyone you aren’t 100% sure of.

  • Hover over the link (on a computer) to see if it appears to be legitimate

  • Think twice before connecting to free public Wi-Fi networks or use a VPN to encrypt your signal.

  • Don’t fall for or buy into any offer that seems too good to be true - ‘limited offers’, ‘countdowns’

  • Check your bank account regularly and make sure you cross-check your legitimate bank domains, e.g. anz.com, anzplus.com, cba.com.au

  • Train your employees thoroughly and implement ‘the culture of questioning’, including any activities from executives and leaders - they make mistakes too.

  • If you're in doubt, forward the sample scams to support@onlineiseasy.com.au (without clicking any links)

Source: Varonis | 29 March 2020 | Analyzing Company Reputation After a Data Breach

What’s the conclusion?

It may all sound intimidating and overwhelming but you can rest easy knowing that Online is Easy. As an Australian Authorised Google Cloud Partner we have got your back by helping you maintain a consistent online security hygiene routine.

We will teach you tips & tricks and we’ll set up your Email Security package to mitigate Business Email Compromise (BEC) 👍🏼

Why would you choose Online is Easy?

  • We are an Australian Business.

  • We are an Authorised Google Partner

  • We provide training for Google Workspace

  • We are close to 100 Squarespace websites and are still counting!

  • We are an Authorised Squarespace Trainer

  • We have 17+ years of web development experience

  • 5-star Google Review rating

  • We are located in Gunaikurnai Country (Gippsland, Victoria).

  • Friendly and Easy to Talk to 🤸🏼‍♂️

Anthony Mayer
Digital Strategy Consultant

Hello! I’m Anthony 🖐🏼 I am the founder and director of Online is Easy, an Australian-based digital strategy consultancy and web design business based in Gunaikurnai country (Gippsland, Victoria).

I’m a Google Partner & Google Workspace Reseller as well as Authorised Squarespace Trainer. My mission is to help small business look big online and we support individuals and businesses like yours to get the most out of this world class digital workspace.

Book a free discovery call with me or simply email me to get the conversation started 🖖🏼