You may have heard about it, but we would like to remind you again of a possible new wave of ransomware attacks. Since last week, there have been several reports by organizations that have received phishing emails with malicious software. Cyber criminals block or encrypt your files using this so-called hostage software to extract ransoms. Very regularly, emails are sent in the name of a well-known organization, so that sometimes you open the mail and fall into the trap even without looking.
There are multiple actions you can take to prevent a ransomware attack. By investing in good antivirus programs and updating software updates directly, you are already 1-0 ahead. But don’t forget to use your common sense and check the sender’s address with each incoming email and see if it really comes from the organization they say they are.
Now that you know how to prevent such an attack, we’d like to tell you what you can do to be transparent and trustworthy to third parties, at a time when ransomeware attacks are the talk of the day:
Communicate to third parties what email addresses and means of communication are used by the organization
Assuming you have the right addresses of customers and partners, it is important to communicate through which business email addresses are communicated. In this way, each third party can check whether an email from your organization name has actually been sent by your organization, and therefore it is not a phishing email.
To be even more transparent towards customers and partners, you could share a list of unused means of communication. Banks do it regularly. Consider, for example, the numerous reminders you receive each month about the fact that your bank would never call via email or WhatsApp message to make a password change or transfer money. You can create a similar message for your externals.
Digital signing
By signing digitally you can be sure that the right documents will be signed quickly and securely. Documents are signed legally from a highly reliable digital signing platform as ValidSign. The documents are digitally sealed and are immutable after signing.
Now I hear you think, but what if cybercriminals mount a ransomeware attack with an email address that is almost identical to the sender address of validsign in this case? This has indeed happened recently with another organization within the field of digital signing, but ValidSign has found something on this! ValidSign’s digital signature offers the possibility to set up your own sender’s address. This Sender Mail Module sends all sign requests from your organization regardless of whether the sender has their own ValidSign account or not. The sender mail is fully arranged based on the branding of your organization so that each sign request is reliable and recognizable to the relevant signer. Sounds safe, right?
Now I hear you think, but what if cybercriminals mount a ransomeware attack with an email address that is almost identical to the sender address of validsign in this case? This has indeed happened recently with another organization within the field of digital signing, but ValidSign has found something on this! ValidSign’s digital signature offers the possibility to set up your own sender’s address. This sender mail configuration sends all sign requests from your organization regardless of whether the sender has their own ValidSign account or not. The sender mail is fully arranged based on the branding of your organization so that each sign request is reliable and recognizable to the relevant signer. Sounds safe, right?
The three servers that support sending the sender mail are: DKIM, SMTP and Mailrelay. Before you can use this module, a validation will take place in the domain of your organization in which ValidSign is authorized to send the sender mail from the organization. By including these addresses in the list discussed in point 1, you will save two birds with one stone.
Do you want more information about the Sender email module or do you have other questions? Feel free to contact support@validsign.nl.