Block and Prevent Phishing Attacks
The number of successful phishing attacks and the cost of their mitigation is alarming. Spear phishing, or email messages that appear to come from trusted authority figures and organizations, is used in more than 90% of attacks. Numbers show that when at least five individuals are targeted, a compromise is highly likely to occur, and the reported cost for the average, successful phishing attack is $300,000.
Unfortunately, the majority of attacks are not discovered by the organization, but by the FBI or credit card companies. Two tactics can help:
* Exploring some of the reasons why phishing attacks are succeeding despite the heavy use of technology; and
* Discussing mitigating approaches, such data and intelligence integration, training, and proactive approaches.
Everybody uses spam email/spam filters, but reports indicate that a large number of phishing emails still gets through. Unsophisticated attempts are usually caught, but the methods listed below contribute to successful phishing:
* Compromise of an existing email account and associated contacts (eventually flagged but too late);
* Modification of message content to resemble legitimate text, including text that appears appropriate to the business; and
* Messages sent from trusted IP addresses.
The strong desire to prevent phishing attacks can cause controversy when fingers are pointed at the person who clicked on the email causing all of the problems. In fact, some organizations run tests on employees to determine their reaction to spoof email created in-house. Most feel the answer to these issues is to introduce more training and ensure that organizational defenses and tools remain technically and organizationally state of the art.
The tools and technology used in the current approaches, while effective, is not enough. Deeper causes of ongoing problems are attributed to information silos held and not shared within organizations, and the need to supplement automation and rules-based approaches with more human interpretation of the big picture.
Awareness training emphasizes how to avoid phishing attacks, such as verifying content and sources and not opening suspicious attachments, but will never completely solve the problem. That said, training definitely helps, and tracking phishing email click rates can help in assessing and improving training programs.
Rather than reacting to attacks, some firms are proactively monitoring content changes in known phishing websites. This way, they can obtain and act on early warning intelligence.
Inundated with email phishing and malware attacks? Check out https://uptime.com/ to improve email and malware detection as well as security monitoring.