Email is used every day by businesses and individuals to send and receive data. This has been proven to make e-mails the number 1 gateway for ransomware. Ransomware is a serious threat that has the potential to permanently damage businesses and individuals. We have already reported on the experiences of an aggrieved entrepreneur who was on the verge of bankruptcy. To protect yourself from ransomware that IS distributed via email, there are some simple steps you can follow.

Tip 1: Avoid downloading unusual attachments

The first and most important tip to avoid ransomware infection is raising employee awareness and understanding not to open unknown attachments. If you receive an email that contains an attachment that you are not expecting, it is better not to download and open the attachment. Oftentimes, emails containing ransomware contain attachments that appear bogus or unusual. If you also receive an email that has such an attachment, it is better to ignore this email.

Tip 2: Use additional email security

Sole responsibility cannot and should not be delegated to employees. Increase protection status with external email security that helps filter suspicious email attachments, particularly ransomware. The use of a sandbox, in which all attachments are opened in a virtual environment in order to check their behavior and detect malware, is particularly efficient. Likewise, the solution should use multiple scan engines to avoid relying on just one vendor's detection rate.

Tip 3: Use external email archiving

Email is the heart of every company. If you no longer exist, this can mean insolvency for the company. A backup is essential for a system backup, but the backup is unsuitable for the complete restoration of e-mails. You can find the differences in detail in our article. External and cloud-based e-mail archiving to keep e-mails permanently available and tamper-proof against third parties and to keep ransomware.

Tip 4: Use regular backups

If an infection has occurred, regular backups for the servers and applications are required to keep downtime and data loss to a minimum. It is important that the backup planning is based on the 3-2-1 backup strategy. This is the only way to prevent backups from being encrypted and becoming unusable. The faster the recovery of the user accounts and the e-mail server is completed, the faster classic business operations can be resumed.

Tip 5: Rehearse the emergency

Rehearse the emergency at least once a year. How safe are the precautions against ransomware really taken? Are the employees sufficiently sensitized? How quickly can access to IT systems be restored? It's a good idea to have a disaster recovery plan that includes all of these steps and clearly defines who does what, and when. You can download our free template here.


Avoid downloading and suspicious and unknown content. You rely on additional e-mail protection through an external e-mail security solution and internal and cloud-based e-mail archiving. Rehearse the emergency at least once a year. Considering all these points, the risk of ransomware infection has greatly decreased. In addition, you are able to remain able to act in an emergency and restore the systems and the entire IT environment with sudden downtime.