According to a recent report by cybersecurity firm Trend Micro, more than 298 million malware attacks were detected in Asia. Phishing e-mail, the modus operandi for such attempts, is calibrated to trick unsuspecting users into clicking on compromised URL links.
“Phishing e-mail is the easiest way to penetrate a network. When somebody in the organisation gets hacked, the whole (company) network is compromised,†explains Luke Ku, principal consultant for Connectivity Global, a Singapore-based firm providing e-mail security services.
Identifying such threats requires an investment in employee education. “The devil’s in the details,†says the 46-year-old, who has had over two decades of experience in the information technology industry. While phishing e-mail messages are crafted to mirror correspondences from real companies, spelling and grammar mistakes often give them away. Paying attention to e-mail header details, which reveal the e-mail’s server of origin, is also key to assessing their legitimacy.
However, relying on human judgment demands constant vigilance. For a user who deals with hundreds of e-mail messages each day, all it takes is one erroneous click to jeopardise the entire network. To that end, Ku believes that e-mail security efforts powered by artificial intelligence (AI) form a more robust line of defence. Machine-enabled learning can study e-mail correspondence patterns at scale and swiftly flag anomalies.