Spam is annoying. It’s so annoying that the majority of us have just learned to accept it and tune it out. We all get physical junk mail that just gets tossed in the trash, we get bizarre text messages that we just automatically ignore, our phones ring with telemarketers and scammers. We’re so used to it, and most people feel so confident in their abilities to ignore it, that we don’t stop and ask ourselves, “Why the heck is spam still a thing?”
It’s because people DO fall for it. Spam works…and when it does, it can be devastating.
Spam and the Threats Lurking Behind It
Spam comes in a lot of different flavors, and we’re not talking about Original, Bacon, Maple, and Jalapeno (although don’t knock a diced Bacon Spam omelet until you’ve tried it!).
In all seriousness, spam is a big problem because we tend to just flag it as an annoyance; it’s marketing messages you may not have asked for, furniture store blowouts and gutter cleaning services that you get in the mail, sketchy automated business loan calls, and countless irrelevant emails that flood your inbox and spam filters.
Most of it is annoying, but harmless. Much of it isn’t especially targeted either. Sure, new homeowners get inundated with junk based around owning a home, and the act of purchasing a car makes you a target for extended warranty calls, but the fact that benign spam is just such a common annoyance means we let our guard down otherwise. When something looks spammy, we dismiss it; when something looks legitimate, we trust it.
There lies the rub. First and foremost, legitimate businesses and organizations that send out junk mail and spam aren’t usually doing it at a loss. Those extended warranty calls almost have to be netting at least enough business to keep the telemarketers in seat, or else they’d be throwing money away. It doesn’t help the equation that, in the grand scheme of things, sending out a million emails, or performing a million automated calls (or even using a foreign call center) is relatively cheap, but the point is that almost all of this stuff is driven by money and profit.
The same can be said for the more dangerous flavors of spam.
When Spam Becomes More Than an Annoyance and Can Actually Do Harm
Since we’re all so desensitized to spam, it’s easy to brush off some of the dangers that can be lurking in unsolicited email, text messages, social media messages, IMs, and even phone calls.
Cybercriminals, scam artists, and other bad actors are clever. They know that if they send out a million emails, they might get someone to bite and fall for their trap. They also know as they tweak their tactics, they can improve their odds.
Just like gutter cleaning services and extended warranty companies, cybercriminals treat their work like any other business and focus on increasing their return on investment.
For instance, one of the most common cyberthreats to businesses right now is ransomware. Ransomware is difficult to prevent, and nearly impossible to simply recover from unless you are prepared for it before you get it. It’s a huge hassle and has been known to cripple businesses, organizations, municipalities, and more.
Ransomware works by quickly taking control over all of the files on a computer or network, and making those files impossible to access by encrypting them. Essentially, it locks down your data with a huge complex password and gives you a countdown timer. When that timer hits zero, you lose your data. The only way to get your data back is to restore from a backup, or to pay a ransom anonymously to the cybercriminals.
Organizations tend to pay out of desperation, which funds the cybercriminals, and keeps the scheme working. It’s a bad situation, and most organizations that get hit once tend to get hit by a second attack shortly after, especially if they paid the first time.
The most common vector for ransomware right now is through spam.
Clearly, spam isn’t as benign (and isn’t as ignored) as you might initially think.
In fact, business owners need to acknowledge that spam is likely hurting their business, at least a little bit, simply by being a nuisance for their employees. If it’s cluttering up inboxes, your staff likely needs to wade through the mess. It hinders communication, causes critical messages to get missed, and it wastes time. And then, there’s the risk of ransomware like mentioned before, and other threats that sneak in through spam.
Can Email Inboxes Be Protected?
Yes and no.
As an IT professional, I wish I could guarantee a single turn-key solution that prevents any and all threats from entering your business through your email. We’ve spent years and countless hours exploring various options and products, and the solutions we deploy for our clients are very powerful, but as I’ve been stressing in this article, the bad guys are aggressively tweaking their methods to slip through the toughest security.
We can stop about 99.5% of the spam and threats from coming in, but that last half a percent that doesn’t get caught as spam tends to be the trickiest scams and phishing attacks. These are the attacks that look and feel so legitimate that they could fool almost anyone who isn’t paying attention.
That’s the secret though. When you’ve eliminated most of the noise, it’s so much easier to be aware of those devious tricks that try to catch you off guard.
Cybersecurity Isn’t Just About Throwing Money at a Problem
We’re not going to sugarcoat it; cybersecurity is an investment, and one that every organization that uses computers needs to make. That being said, it isn’t simply prevented by writing out a check.
At the same time, cybersecurity isn’t some luxury that only massive corporations can afford. It’s something that every single business needs to invest in, because not doing so puts you at major risk.
Establishing email protection, like our Mail Defense platform, can save your staff a lot of headaches by nearly eliminating all spam and dangerous emails. The last line of defense then, is staff training. Empowering your staff to identify, understand, and report dangerous threats is a huge step towards making the modern organization less prone to modern-day threats.
We can help your organization with all of that and more. Let’s talk about how we can eliminate time-wasting junk email from your inboxes, while protecting your network and training your staff, all to help keep your organization operating smoothly. Give us a call at (410) 531-6727 to get started.