You’ve received this email before.
The layout of the message looks like it’s from your email provider or sometimes even from your bank, saying that someone has tried getting into your account and you need to change your password ASAP. A big button says it will lead you to the right place to do this. But something looks off – the font of the email doesn’t match the corporate brand, or the email address looks a little strange.
Most of the time, you probably ignore the message, recognizing that it’s likely a phishing scheme.
This did not happen when the chairman of Hillary Clinton’s campaign received an email from Google saying someone in Ukraine was trying to get into his email account.
Instead, John Podesta or a staffer working for him clicked that big button and entered his password in a fake webpage, giving the hackers – working for the Russian government according to many accounts – access to all his communications, which was eventually leaked to WikiLeaks.
These spear-phishing hacks are very common, especially in business. According to Symantec, spear-phishing campaigns targeting corporate employees increased 55% in 2015. They’re also aimed at SMBs at a higher rate, likely due to the assumption that small companies have fewer security features.
Why the Clinton campaign’s chairman was allowed to use a Gmail account to share such sensitive information in the first place is beyond us. But aside from having the common sense to view emails asking for your password skeptically, there are many ways to protect your data.
Evizone’s communication software not only encrypts all your sensitive information onto military-grade secure servers, but the platform also doesn’t allow for downloading view-only information. With a good document retention policy, automatically enforced by Evizone, all those thousands of messages from years ago will be gone forever and not available to hackers. You can also opt for two-factor authentication and you will be informed if someone tries to access your account from a new device. No more spear-phishing!
So John Podesta: if you’re reading this, give us a call. We’ll make sure no one ever gets into your confidential electronic communications ever again.
About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, firstname.lastname@example.org