Oman- Sophos vice president discusses ways to identify and avoid phishing


(MENAFN - Muscat Daily) Muscat - Phishing is one of the most common attack vectors for hackers, who exploit end-user behaviour as the weakest link in an organisation's cyber-defence. For years, criminals have disguised attacks in emails, and today phishing emails are a primary delivery method for ransomware payloads. Phishing emails have led to massive data exposures, which caused major reputational and financial damage in the private and public sector over the last few years. As cybercriminals continue to prey on employees through their technology, they are always taking measures to stay one step ahead. In an organisation, all it takes is one employee to take the bait. To this end, Harish Chib, vice president, Middle East & Africa, Sophos, discusses how to identify and avoid phishing scams.

Phishing has evolved in lockstep with the 'Malware-as-a-Service' phenomenon. Phishing emails come in all shapes and sizes, and unfortunately, no single product will fully protect your business from phishing attacks. Phishing is now run as a business, and cybercriminals have been using different attack strategies to retrieve information from their targets. Some of these strategies include phishing services, off-the-shelf phishing kits and Business Email Compromise (BEC). An interesting facet of the phishing ecosystem is that there are a large number of actors committing attacks, but only a small number of phishers who are sophisticated enough to write a phishing kit from scratch. Because of this, phishing kits are now widely available for download from dark web forums and marketplaces, and give attackers all the tools they need to create profitable phishing attacks: emails, web page code, images, and more.

In fact, attackers don't even need to know how to create malware or send emails anymore. As-a-service and pay-as-you-go solutions permeate most online service technologies, and phishing is no different, with a range of services increasingly available to attackers. Ransomware-as-a-service allows a user to create an online account and fill out a quick web form, including the starting ransom price and a late-payment price for victims. The provider of the service then takes a cut of each ransom paid, with discounts offered if the user is able to translate the malware code into new languages or if the volume of the attack exceeds a certain level. Phishing-as-a-service allows users to pay for phishing attacks to be sent for them, using global botnets to avoid known dodgy IP ranges. Guarantees are even made to bill users only for delivered email messages, much like any legitimate email marketing service.

These services have led to the explosion of phishing attacks highlighted earlier, as any attacker can launch an attack regardless of technical skill. The best defence against phishing emails is your email gateway. Email protection is your watch guard, blocking 99 per cent of unwanted email at the gateway, including malicious attachments, content, and URLs - long before an end user ever sees them.

Web filtering is another must-have as a front-line defence, filtering and blocking infected URLs should your users click an email link. And file sandboxing ensures those nasty malware-laden downloads get removed from the threat chain early on.

Even with the best upfront filters, attacker methods such as BEC, which carry no executables or links to detect, may still get through. Appropriate training and education are critical for ensuring that all your employees know how to spot and deal with these types of email messages.

Make sure your company processes are understood, that you encourage employees to question requests that seem out of character from other employees, and that you have a two-stage approval process for significant fund transfer requests.
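BEC messages carry no attachment or link for a gateway to detonate, so the signals that remain are in the headers and the wording: an executive's display name on an external address, a lookalike sender domain, a Reply-To that diverts the conversation, and fund-transfer or urgency language. The following Python module is an added illustration of that kind of header-and-content heuristic, not Sophos product code and not from the article; the internal domain, the executive name, the keyword list and both sample messages are constructed for the example, and the "hold for review" threshold is an assumed tuning knob.

```python
"""Heuristic BEC indicator scoring for inbound mail (added example, not Sophos code)."""
import re
from email import message_from_string
from email.utils import parseaddr
from typing import List

# Assumed organisation data: its own mail domain and the display names
# most likely to be impersonated in a fund-transfer request.
INTERNAL_DOMAIN = "example.com"
EXECUTIVE_NAMES = {"jane doe"}

# Words that, in combination, typify a fraudulent payment request.
FUND_TRANSFER_WORDS = re.compile(
    r"\b(wire|transfer|payment|invoice|urgent|immediately|confidential)\b", re.I
)

# Assumed threshold: two or more independent indicators puts the message on hold.
HOLD_THRESHOLD = 2


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot lookalike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def bec_indicators(raw_message: str) -> List[str]:
    """Return the list of BEC indicators found in one RFC 822 message."""
    msg = message_from_string(raw_message)
    display_name, sender = parseaddr(msg.get("From", ""))
    sender_domain = sender.rpartition("@")[2].lower()
    findings = []

    # 1. An executive's display name arriving from outside the organisation.
    if display_name.strip().lower() in EXECUTIVE_NAMES and sender_domain != INTERNAL_DOMAIN:
        findings.append("executive display name on external address")

    # 2. A sender domain one character away from our own.
    if sender_domain != INTERNAL_DOMAIN and edit_distance(sender_domain, INTERNAL_DOMAIN) <= 1:
        findings.append("lookalike sender domain " + sender_domain)

    # 3. Reply-To pointing somewhere other than the visible sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != sender.lower():
        findings.append("reply-to differs from sender")

    # 4. Fund-transfer or urgency vocabulary in subject plus body.
    body = msg.get_payload() if not msg.is_multipart() else ""
    words = {w.lower() for w in FUND_TRANSFER_WORDS.findall(msg.get("Subject", "") + " " + body)}
    if len(words) >= 2:
        findings.append("fund-transfer/urgency language: " + ", ".join(sorted(words)))

    return findings


def classify(raw_message: str) -> str:
    """'hold' routes the mail to a reviewer instead of the recipient; 'deliver' passes it."""
    return "hold" if len(bec_indicators(raw_message)) >= HOLD_THRESHOLD else "deliver"


# Constructed sample messages (not real mail).
SUSPICIOUS = """\
From: Jane Doe <jane.doe@examp1e.com>
Reply-To: jane.doe.ceo@freemail.test
To: finance@example.com
Subject: Urgent wire transfer

I need you to process a payment today. Keep this confidential.
"""

BENIGN = """\
From: Bob Smith <bob.smith@example.com>
To: finance@example.com
Subject: Lunch menu

The cafeteria menu for next week is attached.
"""

if __name__ == "__main__":
    for label, sample in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, classify(sample), bec_indicators(sample))
```

Each indicator is weak on its own (a genuine supplier invoice will trip the vocabulary rule), which is why the decision is taken on the count rather than on any single hit, and why the outcome is a hold for human review rather than a silent drop; that review is where the two-stage approval process above does its work.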
