My Bank Showcases A Dangerous Misconception Undermining Cybersecurity

Many organizations still suffer from the misconception that it is safer to receive files through email than through best-of-breed cloud storage services. A misconception that benefits no-one except the cybercriminals.

Me with the oldest phone I could find. It’s from the 1980s. It’s a little more modern than the technology behind your email attachments, but you’ll figure it out. :)
Screenshot from my bank's email telling me that they could not accept my personal files from secure cloud storage links because of their security policy. Better to send them my personal data through insecure email attachments.
  1. You can easily white list trusted cloud services to allow download. Nothing to do for email attachments, they are already inside your firewall.
  2. Enterprise cloud storage, like Box, scan for viruses upon upload. Further limiting even accidental distribution of viral content.
  3. Email attachments can be completely self-contained, and once inside the organization, can wreak havoc without external support. In contrast, the delivery of a hyperlink isn’t the delivery of the virus. The link still needs to be clicked and reach out through firewalls.
  4. Once an attachment is inside someone’s inbox, it is a persistent threat that can not be shut down by adjusting border defenses. Even if the recipient is disconnected (e.g., on an airplane), a malicious email attachment can infect the user’s device. A malicious hyperlink is disabled.

CEO MxHero Inc.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store