Gone Phishing: Majority of Businesses Fall Victim to Attacks

Written by

Proofpoint; a leading cybersecurity and compliance company, has released its eighth annual State of the Phish report, which provides an in-depth look at user phishing awareness, vulnerability, and resilience. Net Defence summarise, and tell you how to avoid becoming another statistic in next year’s report.

 

The Summary for 2021

Email-Based Attacks Dominated the Threat Landscape in 2021; Tailored Security Awareness Training Remains Critical for Protecting Hybrid Work Environments

UK survey respondents results for 2021

  • 91% experienced at least one successful phishing attack.
  • 84% faced at least one email-based ransomware attack.
  • 81% faced one or more business email compromise (BEC) attack.
  • 78% dealt with at least one ransomware infection.
  • Of these, 82% opted to pay at least one ransom.
  • UK is the most likely to face high volumes of non-email-based social engineering attacks in 2021.
    • More than 20% faced 50+ smishing, social media, and vishing attacks
    • 78% faced at least one malicious USB drop.
  • The UK has the greatest security awareness programs in place, 59% Vs 57% global average.
  • 77% punish employees who interact with real or simulated phishing attacks, a 28% increase from 2021. Including inflicting monetary punishment (42%) and terminating employees (29%)

 

What can you do to avoid becoming another statistic in the 2022 report?

  • Information Security Awareness Training; your employees are your best line of defence if your IT systems don’t stop the threat.
  • Simulated phishing and other email-based attacks to test and educate your employees.
  • Information Security Incident response protocols in place; reporting, and issue handling.

 

Who We Are:

Proudly part of the Ogilvie Group, Net Defence is a third-generation family-owned business providing Managed IT, Information Security Assurance & Telephony services with trust, transparency and ownership.  Serving the North East of England and Scotland, we believe that these services should be affordable, attainable and accessible to all and offer a structured service and plans to match your organisation.

What We Do:

We protect, support and help to keep your business compliant. Our Information Security Assurance service provides the mechanisms needed to provide certainty, confidence and trust that your IT & Comms infrastructure is secure, reliable and protected.

 

Photo by Mika Baumeister on Unsplash

How to Get Your Email Delivery on Track

Written by

Building a beautiful, compelling email does nothing if it doesn’t make it to the inbox. That’s why building an effective email marketing strategy starts with understanding email deliverability and how to achieve a good email reputation.

In this article by Campaigner, they cover the best practices to help you achieve just that. 

 

Make sure your email domain is authenticated. 

Authenticating your email address helps reassure ISPs that you are the business you claim to be. This makes them more inclined to trust you and reduces the chances that you will be flagged as spam. 

There are four things major authentication factors that you should have: 

1. SENDER POLICY FRAMEWORK (SPF)

2. DOMAIN KEYS IDENTIFIED MAIL (DKIM)

3. DOMAIN-BASED MESSAGE AUTHENTICATION, REPORTING & CONFORMANCE (DMARC)

4. “FROM” NAME AND EMAIL ADDRESSES

 

IP Reputation

IP reputation is critical for your email delivery. Your Internet Protocol address might be shared or dedicated. The IP address refers to the unique address that will identify your device on the internet. Depending on your IP reputation your email might be reaching the inbox. You must remember here that even landing in the spam folder would mean the email at least reached the recipient. Sometimes, emails might not even get delivered. To maintain IP reputation here are the best things to take care of.

5. IP warm-up 

After a certain number of emails, businesses should opt for a dedicated IP address. When you first get the address, the IP doesn’t have any reputation at all, so you have to work to build that up which is known as warming up your IP. 

Warming up your IP is simply a way that you can build up that reputation and earn trust with ISPs. To do this, send small batches of emails every day and keep increasing the number. Make sure the content is engaging and strike up conversations with your customers. 

6. Have a Quota for sending every day

Once your domain is authenticated, and your IP warmup is done, you can send bulk emails but keep the number of emails sent consistently. If you send too many or drastically change the number of emails you send, then you risk ESPs flagging you as spam.

7. Beware of Blacklists

Domain and IP blacklists are lists of IP addresses and domains that ESPs have blacklisted. You should check these lists regularly to see if you have been blacklisted. There are tools to check these lists. If you find yourself in these blacklists, you will need to start fresh and from scratch, which is not too difficult, but you will lose out on time.

8. Collect feedback

Getting feedback (especially when people unsubscribe) can help you improve your campaigns and make your content more engaging. In turn, this will keep your subscribers happy, and reduce the likelihood that people will mark your emails as spam in the future. 

9. Verify email addresses

Sending to an email address that hasn’t agreed to hear from you is one of the main reasons that an IP address can become blacklisted. Even if you are only emailing to addresses that have signed up to your list, you can still run across this problem. If someone misspells their address, that can lead to this issue. When they first sign up, send them a welcome email that asks them to confirm their interest in receiving emails. 

10. Clean your contact lists frequently  

It’s natural for an email list to have unengaged subscribers or email addresses that begin to bounce. Some amount of soft bounces is okay, but if you start to see many soft bounces in a row it might be time to remove them. If you have hard bounces in your list, those should be removed since hard bounces usually mean a long-term problem. 

11. Unsubscribe link

Make sure every email has an unsubscribe link at the bottom and that the process is easy. Not only do you need this to abide by anti-spam laws, but if a subscriber finds it too difficult they will be more likely to report you as spam. 

 

Email Content

12. Compelling subject line

A subject line gives your audience an idea of what to expect in the email. If it is not interesting, they won’t even open it. Worse, some words are considered spammy like “cheap,” “credit,” “earn,” “work from home,” “biz opportunities,” “earn” – that work as red flags for ESPs and can cause your email to be marked as spam. Instead, avoid words that might suggest clickbait and keep it precise and meaningful.

14. Links

Like images, links have a similar problem; having one or two might be great, but more than that will make it look spammy, and it might just get lost before reaching the inbox. To be in the good books of ESPs, be careful while adding links.

16. Personalisation

The more relevant the content is, the less likely a subscriber will mark it as spam. Building out quality content that is engaging is vital. That’s why personalising content can be so powerful. Whether you’re adding a few small details such as the subscriber’s name or building out hyper-personalised product recommendations, this tool will help you not only increase deliverability but improve the overall success of your campaigns.

Ultimately the best way to maintain good deliverability and build it up is by making sure you’re following spam guidelines and that you’re delivering quality content to your subscribers. By following these best practices you’ll be on your way to improving your results and making it to the inbox. 


Looking for a powerful email marketing tool? Try Campaigner today!

 

Photo by Stephen Phillips – Hostreviews.co.uk on Unsplash

10 Mistakes You’re Making with your Newsletter

Written by

Campaigner explains what you could be doing wrong when writing your newsletters.

 

The email marketing newsletter is a quintessential piece of a traditional email marketing program. Many brands send a regular newsletter to their subscribers to update them on new products, release content (like blog posts and podcast episodes), announce sales and promotions, and offer various kinds of education.

If you’re like a lot of brands, your newsletters are never as effective as you’d like them to be. Your open rates and click-through rates are never high enough. Why does this happen? Because you’re probably making some common newsletter mistakes that discourage your audience from engaging with your email content.

In this article, we are going to look at some of the common email marketing newsletter mistakes that many brands make, as well as how to fix them.

 

1. You’re sending the same email to everyone

This is the top mistake we see brands making with their email newsletters, so we had to list it first.

There’s nothing that says you have to send the same email content to everyone. In fact, that’s almost always a bad idea because your content doesn’t apply to your entire list. People want to read the messages that add value to their lives, not the irrelevant ones. After all, 80% of consumers are willing to spend more on brands that offer a personalised experience.

 

2. Ignoring mobile devices

This should go without saying at this point, but many email marketers fail to take it seriously. More than half of all emails are read on mobile devices, and yet nearly 1 in 5 email campaigns aren’t optimized for mobile devices.

It’s absolutely critical that your emails look great on small screens. Use a mobile responsive template for your emails and preview them at multiple sizes before sending.

 

3. You talk about yourself too much

It’s tempting to brag about your company, your successes, and yourself in an email. But your subscribers don’t want to hear much about you. They want to hear about themselves, or at least the things they care about. They want stories, resources, and value that appeals to their needs. It’s okay to talk about yourself a little bit, but no more than 10% of your overall content.

 

4. Not adding links and buttons

Your newsletter may have great content, but it’s important to entice visitors to take the next step. You want them to click to your other properties, such as your website or social media pages. So make sure to include at least one primary call-to-action and several other links.

That said, don’t get carried away. If you add too many links in your emails, it can confuse your readers, or take away from the action you want them to take. Don’t include more than 5-7 links in your email, and keep your primary CTAs to one or two.

 

5. Not writing like a human

When brands get big and many people contribute to the newsletter, there’s a tendency to lose the human component. The result is bland and impersonal language that fails to connect with your subscribers.

Think of your subscribers like guests invited to a private event. They don’t want to hear boring corporate-speak. They want to connect with real people. Let people know that a real person is behind the newsletter.

 

6. Not branding your emails

When a subscriber opens one of your emails, they should be able to tell right away who it’s from. It’s important to use consistent branding throughout all of your email marketing activities. This branding should match the branding on your website and social media pages. Use matching colours, fonts, language, and logos.

 

7. Your fonts are hard to read

Using complex fonts or too many fonts make your emails hard to read, especially on small screens. Stick to no more than two different fonts.

Opt for sans serif fonts such as Arial, Helvetica, or Verdana. Stick to fonts that email clients can display (which is a much smaller list than what browsers can display). Use 22-24pt text for headers and 12-16pt for body copy.

 

8. You leave the important things until last

If you were reading a book or producing a film, it would make sense to leave the best part until the very end. But that’s not how it works with email newsletters. Remember that short attention span we talked about? That’s why you need to give your subscribers the best part first.

Think of each email like an inverted pyramid. The most important stuff comes first, the second most important stuff comes second, etc.

 

9. Including attachments

This is a big mistake, even if you have something valuable to distribute. Email recipients are leery of attachments as they may contain malware. Most email clients will instantly regard your email as spam. Don’t do this.

 

10. You have typos and misspellings

Nothing looks more unprofessional than a mistake in your email copy. Review your emails carefully before they go out to catch mistakes. It’s always helpful to use a second set of eyes.

 

Are You Making These Email Marketing Newsletter Mistakes?

We encourage you to bookmark this list and check it each time you send an email newsletter to your audience. Make sure that you aren’t making any of these common mistakes. Your subscribers will appreciate it!

 

For more Email Marketing best practice, check out Campaigner.

 

Photo by Brett Jordan on Unsplash

Levelling Up Digital Connectivity in the North East

Written by

In the Government’s outline for Levelling Up the United Kingdom, one of the twelve ‘missions’ concerns digital connectivity. They sate that the UK will have nationwide gigabit-capable broadband and 4G coverage by 2030, as well as 5G coverage for the majority of the population.

This mission is motivated by the fact that the Covid-19 pandemic demonstrated the importance of digital infrastructure, and that digital connectivity has the potential to drive growth and productivity cross the UK, as well as widen job opportunities through remote working. There are significant spatial disparities in the quality of broadband and mobile networks across the UK, with rural areas more likely to experience worse digital connectivity than urban areas.

In this post I summarise the mission’s policy programme and what it could mean for the North East.

 

Gigabit-capable broadband

In 2020, the UK Government published the National Infrastructure Strategy, committing to providing £5bn in public funding to roll out gigabit broadband to at least 85% of the country by 2025, and subsequently to as close to 100% as possible, working with the private sector. Public investment will target premises that are hardest to reach, and which would otherwise not be provided for by the private sector.

Gigabit coverage has already increased massively over the last couple of years. Across the UK, there was an increase from 10% to over 60% in less than two years. This increase does not exclude the North East, with Gigabit broadband coverage increasing massively from 2% in November 2019 to 66% in January 2022. By 2025, it is forecast to reach 70-80%. With the current speed of growth, it may indeed be possible to reach nationwide gigabit-capable broadband by 2030.

The North East was among the first areas to benefit from Project Gigabit last year, prioritising buildings that had the slowest connections in the local authority areas of County Durham, Darlington, Stockton, Hartlepool, Middlesbrough, Redcar and Cleveland, Sunderland, Gateshead, South Tyneside, Tees Valley and parts of Northumberland. The Levelling Up report states that Project Gigabit is still going ahead in Durham, Tyneside, Teeside and Northumberland.

It is also worth mentioning that the Towns Fund, which is investing over £172m across seven towns in the North East, will include a revitalisation of Darlington which will incorporate town centre WiFi.

 

4G and 5G coverage

The Government has also agreed a £1bn deal with mobile operators to deliver the Shared Rural Network programme. This will see operators collectively increase 4G coverage to 95% by 2025.

There is an opportunity to improve the North East’s 4G coverage greatly. 2021 figures show that the North East’s 4G coverage is lower than 70%, which is lower than every other region in England, as well as Scotland. The report’s figures forecast roughly a 15% increase in coverage Post-Shared Rural Network programme. More work will be needed in the region, then, in order to reach nationwide 4G coverage by 2030.

Meanwhile, regarding 5G, the Government aims for the majority of the population to have access to a 5G signal by 2027. They state that 5G “has the potential to radically change the way people live and make businesses more productive and competitive.”

5G is currently live in some regions across the North East, but often with only with one or two providers.

Since 2017, the Government has provided £200m in funding for 5G Testbeds and Trials, supporting over 200 startups and SMEs across a range of sectors in order to better understand how to use the technology to develop new solutions and services.

In 2022, the Government will publish the Wireless Infrastructure Strategy. This will review how far the private sector will go to deliver wireless infrastructure – including 5G – across the country, and determine whether there are any market failures in places that need to be addressed, and how the Government could tackle these.

 

Digital Skills

The report points out that the economic benefits of gigabit-capable broadband will only materialise if businesses and workers have the skills to take advantage of improved infrastructure. So, we must ensure that people have sufficient digital skills to reap the benefits and prosperity arising from the digital economy. 

In 2020, the UK Government introduced a new digital skills entitlement, giving adults with low or no digital skills in England free access to new digital skills qualifications based on employer-supported national standards. They state that they will continue to work with local leaders to develop Local Digital Skills Partnerships. These collaborative partnerships are now operating in seven regions across England, but none are in the North East.

I would argue that the North East is almost certainly deserving of a Local Digital Skill Partnership. In September of last year, IPPR North produced a report on Addressing Digital Exclusion in North East England. You can read my summary of the report here. The report explained that digital exclusion exists on a spectrum, and is not just about a lack of connectivity. It highlighted that a lack of access to devices, lack of skills and confidence, and lack of inclusive digital design is just as important when considering digital exclusion.

Although it cannot be definitively said how many people in the North East are digitally excluded according to this definition, particularly because there is a lack of data available on digital exclusion at local and regional levels, there is evidence that the North East has higher levels of digital exclusion than the rest of England, particularly in rural areas.

The Government states that it will work with devolved administrations to consider how best to share the insights and evaluation of the programme to help build digital skills capability across the UK. Because digital exclusion is deeply intertwined with other inequalities and deprivation, and the North East has some of the most deprived neighbourhoods in the country, we must hope that specific support will be given to these areas to target the specific forms of digital exclusion that they face in order to truly level up the region.

 

Freya Thompson

Knowledge and Research Executive

@NEEChamberFreya

 

Photo by Georgie Cobbs on Unsplash

Addressing Digital Exclusion in the North East

Written by

In September of this year, IPPR North produced a report on Addressing Digital Exclusion in North East England. The comprehensive report includes guidance for employers for what they can do to help.

Digital exclusion has been an issue long before the Covid-19 pandemic, but since it began, reliance on access to digital services has increased since many people started to attend school and work from home. The boundaries between our virtual and daily lives are becoming increasingly blurred, and it even became difficult to meet your basic needs throughout the height of the pandemic lockdowns if you either did not have access to, or did not have the skills to navigate, the internet. The report states that digital exclusion is not just a matter of access, with a range of other complex challenges relating to digital literacy such as accessibility, confidence, and safety lying beneath. Digital exclusion therefore exists on a spectrum. The four overlapping barriers to digital inclusion that the report highlighted are:

  • Lack of connectivity, either due to infrastructure provision or affordability
  • Lack of access to devices
  • Lack of skills and confidence, including life skills, work skills, and understanding online safety
  • Lack of inclusive digital design which accounts for accessibility needs

Although it cannot be definitively said how many people in the North East are digitally excluded according to this definition, particularly because there is a lack of data available on digital exclusion at local and regional levels, there is evidence that the North East has higher levels of digital exclusion than the rest of England, particularly in rural areas.

Digital inequalities are closely associated with other dimensions of inequality and can exacerbate these further. For instance, the key groups affected by digital exclusion include disabled people (who are often affected due to poor service design such as lack of screen reader compatibility or access to specific software or hardware) and asylum seekers (who are often locked out of language support or digital skills programmes due to insecure immigration status and receive insufficient financial support to access devices or a secure connection). These already disadvantaged groups’ digital exclusion is then a ‘gateway’ to further inequalities such as an inability to access certain services, opportunities, benefits, or difficulty engaging in social, political and economic life. This makes the need for long-term public policy solutions all the more pressing, especially when many of the shifts to digital brought on by the pandemic appear here to stay, while some of the support offered to digitally excluded people throughout the pandemic has already started to be withdrawn.

The report set out many recommendations for public policy solutions, including the right to access to a minimum 10Mbit/s connection at home regardless of income, the right to essential digital skills, and the right to affordable access to devices such as through loan-schemes or access through libraries and other public sector facilities. Also, because digital exclusion is deeply intertwined with other inequalities and deprivation, specific support should be given to these groups to target the specific forms of exclusion they face.

The report also outlined guidance for businesses, including:

  • Due to their deep understanding of local communities and their strong connections, organisations in the voluntary sector should work with public and private organisations with the aim to be the primary deliverers for digital inclusion initiatives. Local enterprises should seek to work with these social enterprises in order to promote digital inclusion initiatives within the private sector.
  • All public service providers should ensure that digital isn’t the only option – offer a suitable offline alternative for anyone who is unable to access digital services for any reason.
  • Website designers should implement inclusive service design and address language barriers on websites.
  • All employers should support their employees with digital skills development regardless of their role. Ensuring that all employees meet a basic level of digital skills will not only prepare them for the future, but also for their non-working life.

Read the full report by IPPR North here.

If you are interested in upskilling your employees with digital skills, Northumbria University is holding an informative webinar tomorrow, on Friday 10th December, 10am–11am in which you can find out more about their Skills Programmes with the Institute of Coding in software development and data science. Businesses have been offered a 70% subsidy, while individuals who mee the eligibility criteria can also take part in these for free. There are also free digital skills courses for all levels designed by Accenture over at Future Learn, and basic courses on Learn My Way, Make It Click, Microsoft, and Lloyds.

Freya Thompson

Knowledge and Research Executive

@NEEChamberFreya

Photo by Kaitlyn Baker on Unsplash