They say nothing is certain in life except for death and taxes. You can add one more to that list: phishing attacks. Hackers continue to do their homework and innovate as the number one cybersecurity threat refuses to be contained.
According to an article on the Dark Reading website, “Email continues to be an extremely effective vector for delivering malicious content because of how adept attackers have become at tricking users over the years.”
Two of the newer methods involve hackers using HTTPS websites, which are supposedly safe, and exploiting trust in file sharing sites like Dropbox and Google Drive. According to the article, “File-sharing sites have become very common, so users are likely to be less suspicious of interacting with content on these services.”
That’s where the real evolution has taken place. Not in the exploit method (i.e., phishing), but in the sleight-of-hand used by attackers to get user to let down their guard. According to FireEye, these types of phishing attacks rose by 17% over the previous quarter. “The top spoofed brands across these activities included Microsoft, with almost 30% of all detections – followed by OneDrive, Apple, PayPal and Amazon, each within the 6-7% range.”
What’s the message? If you’re responsible for the security at your company, settle in for the long fight. Phishing attacks are not going to stop and hackers are not going to stop evolving. Oh, and you’re going to need technology to help you.
To have any chance against these moving targets, you’re going to need phishing prevention technology that includes the following:
- Smart quarantine
- Real-time link checking
- Display name spoofing protection
- Domain name spoofing protection
- Malicious attachment blocking
- Protection for mobile devices
- Advanced email security including SPF, DKIM and DMARC
Try Phish Protection FREE for 30 days. It comes with all of the above and the best 24/7 customer support in the industry for pennies a day per employee. You’ll be up and running in 10 minutes.