Skip to main content

Spring Cleaning Your Spam Filter Whitelist

By May 20, 2019Security
Spring Cleaning Your Spam Filter WhiteList

It’s time to add your spam filter whitelist to your spring cleaning routine.

For some of us who have been using the same spam filter for years, we may have a long list of allowed addresses or domains. Because phishing email is involved in 91% of breaches, I can’t stress enough how important it is to manage your whitelist.

As security has evolved, I continually find things that I did months or years ago that I would do differently today. So, I am learning to go back and review the things that are on autopilot to make sure they meet my current standards.

On spam filters – and many other things, for that matter – we all get in a hurry sometimes. So we make broad changes just to make sure that email gets through. Maybe you had 2 or 3 emails blocked from Gmail, so you decided to allow all of gmail.com through the filter. While you got those emails through, you increased your risk of getting malicious emails.

Why revisit and clean up your whitelist?

It’s the unintended consequences that get us many times.

With the increase in spoofed email addresses that appear to come from a CEO or co-worker, it is important to make sure that you have not whitelisted your own domain. And this is more common than you think. You may have your newsletter sent from an outside firm or other applications that do not send through your email server that need to come in. The easy answer is to allow entire domains, but rarely (if ever) is it the right choice. In many cases , whitelists are a free pass through your email security system.

There are typically 2 levels of whitelisting to be aware of. First is the global level, which your IT company or IT administrator needs to review. Then there is your personal whitelist that you can clean up yourself. Both are important to review.

I encourage you to take some time this week to clean up your whitelist and improve your email security. You may be surprised at what you find!

 

This article was authored by Ryan Pieken, Sr. Consultant CIO / CISO Services.


Recent Posts / View All Posts

social engineering tactics

How Hackers Use Social Engineering Tactics in Phishing Scams

| Business Productivity, Security | No Comments
Social engineering is quite a buzzword these days in the world of cybersecurity. But what is it, and why are businesses so afraid of it? It is a form of hacking that uses deception and manipulation to get victims to divulge information. Companies have reason to be fearful because social engineering tactics have led to a lot of destruction and millions of dollars in losses for businesses worldwide. Phishing is one of the most rampant types of attacks these days. It has been highly successful because it uses tried-and-tested social engineering techniques to hoodwink potential victims. What are these Social…
spot social engineering

Training Employees to Spot Social Engineering

| Security, Tech Tip | No Comments
Social engineering is one of the newest methods hackers use to access sensitive information. Rather than attacking a system directly, this technique relies on human psychology to gain information. This method is brilliant when you think about it because it does not have to deal with going past ironclad network security. If hackers can manipulate even a single employee, they might hand over sensitive information on a silver platter, and the hackers can take control of the organization’s entire system. This is why its important for your employees to learn how to spot social engineering. Companies must understand that if…
Phishing Scam Tactics

Top 8 Phishing Scam Tactics and How to Identify Them

| Business Productivity, Security, Tech Tip | No Comments
Phishing has been a common hacking method for over two decades now. You would think that everyone would already know how it works and how to avoid becoming a victim, right? Sadly, that is not the case for these Phishing Scam Tactics. There are more victims now than ever. In 2022, there were more than 300,000 victims in the US alone, with damages amounting to over $52 million! The thing is that phishing scams have evolved over the years. Hackers are now more adept at hoodwinking unsuspecting victims, and they also have easy access to modern technology that helps elevate…