Are Remote Workers Your Company’s Email Security Kryptonite?

February 03, 2022

Remote workers add unexpected complications to a company’s security plan, especially when it comes to email security. They’re heavy email users – even in today’s instant messaging heavy world, 55% of remote workers rely on email as their primary means of communication. That gives the bad guys ample opportunity to serve them a phishing message. They’re also typically working in isolation, increasing the chance that they may not hear about new risks or will be easy prey for sophisticated phishing scams – and that can spell trouble for their employers.  

AI is the secret weapon you’re looking for to boost business email security. SEE WHY>>

Remote Workers and Email Are a Deadly Combination 

Why does supporting a remote workforce add to cyberattack and data security risk for employers? Remote workers are simply more likely to fall for phishing messages, and phishing has been the number one threat to data security for the last three years. That means that companies are more at risk of a data breach caused by a remote worker’s failure to spot a phishing message than they are by an in-office worker’s same failure. Remote workers also engage in riskier security behavior because they feel confident that they won’t get caught cutting corners – one in three employees think they can get away with sloppy security hygiene when working remotely. 

  • 40% of remote workers admit that they’ve workers made mistakes resulting in cybersecurity repercussions for their company. 
  • 45% of IT team leaders had problems finding the right security solutions to support a remote workforce. 
  • 73% of employees read and respond to work emails outside of their working hours when working remotely. 
  • 24% of remote workers reported that they regularly multitask when handling work email.  
  • Over 40% of remote workers have missent an email because of fatigue or distraction. 

See how to avoid cybercriminal sharks in Phishing 101. DOWNLOAD IT>>

Phishing is a Never-Ending Flood 

That translates into a major problem for companies that are already facing an inundation of phishing every day. An astonishing 80% of IT professionals in a recent survey said that their organizations have faced an increase in the volume of phishing attacks that they’re facing, potentially putting more phishing messages into employee inboxes. Unfortunately, more phishing attempts have translated into more phishing attack disasters for many companies. An estimated 74% of respondents in the same survey said that their companies had been successfully phished in the last year. 

The rising tide of phishing is making an already dangerous data security landscape even more fraught with peril. Companies have been constantly under the gun when it comes to data security since the start of the global pandemic, and remote workforce support has played a big part in that. In the ninth annual edition of its Data Breach Industry Forecast, Experian analyzed the challenges that businesses are facing. The report took into account the shifts in the way that people and companies do business today, including increased remote work, as well as taking into account the ongoing impact of the pandemic on cybersecurity.  

The findings of that report clearly show just what a precarious position many companies are in when securing their remote workers. Their experts warned that businesses face major challenges when it comes to securing their networks and data in 2022 because many are still relying on infrastructure that they hastily set up in 2020 when they had to quickly pivot to remote operations. That’s complicated by a dearth of resources in a time of complex economic pressure. Only 39% of IT executives polled in a staffing survey felt that they have adequate IT expertise on staff to assist employees with remote work issues, and only 45% of organizations reported having enough budget available to address the needs of either their IT team or their remote workforce.  

Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>

Cyberattacks and Data Breaches Start with Phishing 

Other phishing-related cyberattacks also put data at risk, and those risks are also steadily growing. Business email compromise (BEC) has been a menace that the US Federal Bureau of Investigation declared 64x worse than ransomware. Speaking of ransomware, in the Experian report, researchers noted that ransomware was continuing its ascendence, with the number of attacks that respondents reported rising significantly, from 28% of respondents reporting attacks in 2020 to 35% in 2021 – and 12% of those respondents reported multiple attacks. Ransomware now accounts for 69% of all attacks involving malware. 

How do the majority of those data breaches and malware infections start? With a phishing email. An estimated 90% of incidents that send with a data breach start with a single phishing email. Cybercriminals know that getting their malicious messages in front of employees is the key to obtaining valuable data and unlocking more cyberattack opportunities. In order to do that, bad actors are upping their game by crafting sophisticated, tricky messages. That’s a potential disaster for businesses – 97% of employees cannot detect a sophisticated phishing message.  

Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>

Employees Will Click Phishing Messages 

That’s something that the bad guys are counting on. Cybercriminals also know that remote workers are less likely to have received training that enables them to detect sophisticated messages, and they’re not hesitating to hammer that advantage home. As GetApp reports, phishing messages are becoming both more abundant and more enticing to employees, raising click rates substantially while they create an elevated risk for businesses.  

Percentage of Survey Respondents Who Received (and Clicked) a Phishing Email 

2019 43% received73% clicked
2020 58% received81% clicked 
2021 64% received77% clicked 

Supporting a remote workforce looks like it’s here to stay. Upwork estimates that 36.2 million workers or 22% of Americans will be permanently working remotely by the year 2025, an 87% increase from pre-pandemic levels. For knowledge economy workers, that number increases dramatically, with Gartner declaring that by the end of 2021, 51% of all knowledge workers worldwide are expected to be working remotely, up from 27% of knowledge workers in 2019. That makes it essential that companies have powerful email security in place right away.  

See how ransomware rocks businesses in The Ransomware Road to Ruin. DOWNLOAD IT NOW>>

Automated Email Security is the Answer 

Traditional email security like onboard security with G Workspace and Microsoft 365 or a Secure Email Gateway (SEG) does catch some phishing email – just not nearly enough. The conventional security that most email solutions have baked into their product only stops about 40% of phishing messages. SEGs don’t fare any better – 90% of the phishing messages discovered in penetration testing by phishing experts made it through a SEG, including messages carrying ransomware and similar threats.  Plus, both of these security methods rely on human intervention in the form of patches, intelligence updates and modification to learn about new threats and make adjustments. That’s a major vulnerability and a tremendous time sink for IT staff.   

Graphus Gets the Job Done 

Employees can’t click on an email that they don’t get. That’s the biggest reason why automated phishing protection with Graphus is a smart move for every business. Our patented algorithm uses predictive reasoning and pattern recognition to create trusted email profiles based on your staff’s email traffic patterns. TrustGraph compares incoming communications to these profiles to detect and prevent sophisticated phishing attacks.

TrustGraph doesn’t just check a message against a safe sender list though. It analyzes the content of messages too, using over 50 different attributes of your employees’ communications learns to spot and stop suspicious messages before they land in anyone’s inbox. Plus, it never stops improving your protection. Machine learning ensures that Graphus learns from every interaction, tailoring your company’s protection to meet its unique needs.  

Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus