Email phishing attacks have grown to be a significant IT liability for organizations. In these attacks, hackers pose as trusted email senders to gain access to sensitive information, such as login credentials, or to trick users into clicking links or opening attachments that download malware onto a computer. Once they break into the system, hackers can lock a municipality out of its own systems and demand ransoms for a system’s recovery.
Unprepared municipalities can and do pay these ransoms. In 2019, some cities around the nation paid amounts ranging from $400,000 to $600,000. Even when cities choose not to pay the ransoms, they often face major recovery and rebuilding costs.
Email users need to be skeptical when evaluating email requests and attachments. Training can help staff identify incoming email attacks. Hackers can pull organization information from a city’s website or social media to create an email address that looks as if it’s coming from a high-ranking member of staff or council.
Suspicious email characteristics to watch out for include
- urgent language that demands or encourages immediate action,
- failure to address the recipient by name,
- email addresses with the wrong domain name, or which otherwise don’t match up with the supposed sender’s actual email address,
- unexpected email attachments,
- links with unknown or suspicious destinations, and
- large numbers of typographical or grammatical errors.
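An IT department that receives forwarded suspicious emails can automate a first pass over several of the characteristics listed above. The following Python sketch is an added example, not part of the original article; the keyword lists, the 0.8 similarity threshold, and all names and domains in the sample message are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

URGENT = re.compile(r"\b(urgent|immediately|right away|asap)\b", re.I)
GENERIC = re.compile(r"^\s*(dear (user|customer|employee)|hello|hi)\s*[,!]?\s*$", re.I | re.M)
URL_HOST = re.compile(r"https?://([^/\s:]+)", re.I)

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def triage(raw, org_domain, staff_names):
    """Return the warning signs found in one raw message (heuristics, not a verdict)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender, findings = domain(addr), []
    if sender != org_domain:
        if name.lower() in staff_names:  # trusted name, outside address
            findings.append("staff display name on outside address")
        if SequenceMatcher(None, sender, org_domain).ratio() >= 0.8:
            findings.append("look-alike sender domain")
    reply = domain(parseaddr(msg.get("Reply-To", ""))[1])
    if reply and reply != sender:
        findings.append("Reply-To differs from From")
    parts = [p.get_payload() for p in msg.walk() if p.get_content_type() == "text/plain"]
    body = "\n".join(parts)
    if URGENT.search(msg.get("Subject", "") + "\n" + body):
        findings.append("urgent language")
    if GENERIC.search(body):
        findings.append("no greeting by name")
    for host in URL_HOST.findall(body):
        host = host.lower()
        if host != org_domain and not host.endswith("." + org_domain):
            findings.append("link to outside host: " + host)
    return findings

# Constructed sample message; every name and domain below is made up.
PHISH = """\
From: "Pat Rivera" <pat.rivera@cityofexamp1e.example>
Reply-To: payments@mailbox.example
Subject: Urgent: invoice approval needed

Hello,

Approve this invoice immediately: http://portal.mailbox.example/login
"""

print(triage(PHISH, "cityofexample.example", {"pat rivera"}))
```

These checks only rank messages for human review; a message that triggers none of them still needs evaluation if a user found it suspicious.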
Technology staff and others can help with training by showing users examples of incoming emails identified as phishing attempts. Users should be trained and encouraged to send all suspicious emails to the IT department for evaluation. Some departments stage drills with dummy phishing attempts as a way of encouraging vigilance and identifying training needs. Along with training, well-designed and well-executed backup plans can form a valuable part of preparation for a municipality’s computer systems.