Here are some worrying phishing-related facts from 2020:
Phishing was present in of breaches compared to 25% in 2019
According to a survey, of Canadian organizations were targeted with COVID-19 related phishing (and other) attacks
There were almost more phishing complaints in 2020 compared to 2016
According to the Phishing by Industry 2020 Benchmarking Report, almost all industries are at risk of phishing attacks, including:
Healthcare & Pharmaceuticals
Education
Manufacturing
Construction
Business Services
Technology
Consulting
Consumer Services
To prevent phishing scams in your organization, Packetlabs suggests the 4-step approach explained below.
The best way to avoid phishing attacks is to prevent phishing attacks. One way to do this is by deploying “ahead-of-threat” attack prevention tools.
This approach, developed by IBM Research in Tokyo and IBM X-Force, involves monitoring Domain Name Server (DNS) traffic and analyzing DNS data to:
Identify, categorize and block malicious domain names that bad actors use to register phishing websites
Detect infected devices
Provide actionable information for forensic investigations
This proactive approach helps organizations identify malicious domains before scammers can use them in a phishing attack and before the threat becomes visible. Another advantage is that IT leaders in organizations can quickly find and remediate compromised endpoints with this approach and thus limit the damage across the network. To further strengthen your endpoint monitoring capabilities and prevent phishing attacks from increasing across the entire network, deploy a robust Endpoint Detection and Response (EDR) tool.
Many tools are available that prevent phishing emails from reaching users. However, scammers usually find a way around these tools and can bypass traditional Secure Email Gateways.
Artificial Intelligence (AI) tools fight phishing inside users’ inboxes. AI goes beyond simple signature detection to learn the user’s email communication habits. It can then automatically detect anomalies – and potentially suspicious – behaviours and provide security teams with actionable data so they can respond quickly to what might be a phishing scam. AI can also scan inbound links in real-time to determine whether a particular page is fake and automatically block access to verified malicious links.
There’s no email without users, and there’s no email security to prevent phishing without user awareness. Build a strong security awareness program so employees learn to spot phishing tactics and how they can avoid falling victim to them. Provide updated information on current phishing trends, and share advice about cybersecurity strategies. Make them aware of the organization’s policies and tools to mitigate or prevent phishing scams.
As part of the security awareness program, it’s also essential to:
Reiterate why they should not click on suspicious links or attachments
Inform that they should forward suspicious-looking emails to the security team
Give feedback on whether they’re flagging emails correctly
Maintain a positive rather than a punitive culture around phishing prevention
Train employees at all levels, from the C-suite to the most junior, from at-location staff to remote workers
A simulated phishing attack test, also known as a phishing penetration test, aims to:
Assess the effectiveness of enterprise security awareness training programs
Establish whether employees are vulnerable to phishing emails
Help users better understand phishing attacks
Penetration tests provide a benchmark for security awareness, enable security teams to take remedial action to improve this awareness, and ultimately strengthen the organization’s cybersecurity posture.
For maximum effectiveness, these tests should be conducted regularly. They should also mimic real-life phishing attacks with emails that result in users submitting sensitive emails on a fake website, e.g. passwords, credit card details, etc. Furthermore, pen testers must deploy numerous phish of varying difficulty levels and monitor which emails are opened, clicked, or have credentials entered. Use the results of this campaign to strengthen your employee education program.
The four strategies explained above provide a robust approach to prevent phishing. In addition, you should also limit user access, especially to high-value systems and data. This approach can help protect sensitive and business-critical information from both malicious and negligent compromise. You can also monitor user behaviours to identify and address the risks of insider threats.
The Packetlabs team are your penetration testing experts for all kinds of use cases, including phishing prevention. If you suspect that your organization is highly vulnerable to phishing attacks, we recommend you get a phishing pen test done. Talk to an expert or ask for a free quote.
October 24 - Blog
Packetlabs is thrilled to have been a part of SecTor 2024. Learn more about our top takeaway's from this year's Black Hat event.
September 27 - Blog
InfoStealer malware plays a key role in many cyber attacks, enabling extortion and lateral movement via stolen credentials. Learn the fundamentals about InfoStealers in this article.
September 26 - Blog
Blackwood APT uses AiTM attacks that are set to target software updates. Is your organization prepared? Learn more in today's blog.