Thousands of New Phishing Websites Created Every Week

New research indicates the threat from phishing is growing at an alarming rate, with thousands of new malicious websites being created every week. Detection rates of new phishing sites are also increasing, thanks to new software introduced by the Anti-Phishing Working Group (APWG).

APWG is a pan-industrial not-for-profit organization dedicated to improving Internet security. The organization works alongside law enforcement to reduce identity theft and make it harder for online criminals to operate. One of the ways it achieves its aims is by finding new websites set up by cybercriminals to obtain login names, passwords and other sensitive information from Internet surfers.

A recent report issued by APWG shows an alarming rise in the number of new phishing websites, indicating cybercriminals are concentrating on this attack vector to obtain the data necessary to commit fraud and steal identities.

In the month of February alone, 56,859 new phishing websites were detected. This rate of detection has not been achieved since August 2009. February’s count of new phishing websites was 1% higher than the organization’s August 2009 figures. While this suggests there has been a major increase in cybercriminal activity, the organization’s new detection software may account for part of the rise in detections. That said, the threat from phishing is certainly growing.

What does a phishing website look like?

The reason that phishing websites are so dangerous is that they look exactly the same as legitimate websites. Criminals are investing a considerable amount of time and money into creating spoof sites that are highly convincing. Big brand name websites are now being spoofed, with Amazon and eBay just two of the major retail sites that have had fake versions created to fool users.

It is not only the retail industry that is being affected. Criminals have created phishing websites that look the same as those of major banks and financial institutions. If users can be fooled for long enough to attempt to log in to the websites, criminals will obtain their credentials and be able to make bank transfers. Huge sums of money can be transferred and withdrawn by criminals before the victims even realize.

The majority of the fake websites discovered by APWG were located in the United States. Over half of those websites used the brand names of large organizations to fool users into revealing their sensitive information. This is achieved by creating a website that looks very similar to the brand being spoofed, with the domain name also featuring the brand name.
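The spoofing pattern described above, a brand name embedded in a domain the brand does not own, is something a defender can screen for automatically. The following is an added example, not APWG's or SpamTitan's detection code: it extracts the hostname, works out the registrable domain, undoes a few common digit-for-letter substitutions, and flags any host that carries a brand token but is not on that brand's allowlist. The brand allowlist, the substitution map and the sample feed are constructed for illustration.

```python
"""Flag lookalike hostnames that embed a well-known brand name.

Added example (not APWG's or SpamTitan's detection code). The brand allowlist,
the lookalike character map and the sample feed are constructed for illustration.
"""
from urllib.parse import urlsplit

# Constructed allowlist: brand token -> registrable domains the brand actually uses.
LEGIT_DOMAINS = {
    "amazon": {"amazon.com", "amazon.co.uk"},
    "ebay": {"ebay.com", "ebay.co.uk"},
    "paypal": {"paypal.com"},
}

# Common digit/symbol substitutions that defeat a naive substring check.
LOOKALIKE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "@": "a", "$": "s"})

# Second-level labels under which a two-letter country code adds a third label
# (e.g. amazon.co.uk). A real deployment would use the Public Suffix List instead.
COUNTRY_SECOND_LEVEL = {"co", "com", "org", "net", "ac", "gov"}


def hostname_of(url: str) -> str:
    """Extract the hostname; bare hosts without a scheme are accepted too."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable_domain(host: str) -> str:
    """Return the owner-controlled part of the host ('example.com', 'amazon.co.uk').
    Simplified suffix handling, enough to separate 'amazon.com' from
    'amazon.com-security.example.net'."""
    labels = host.lower().split(".")
    if len(labels) >= 3 and len(labels[-1]) == 2 and labels[-2] in COUNTRY_SECOND_LEVEL:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def classify(url: str) -> dict:
    """Label a URL as legitimate, suspicious (brand token present but the
    registrable domain is not on the brand's allowlist), or no-brand."""
    host = hostname_of(url)
    reg = registrable_domain(host)
    normalized = host.lower().translate(LOOKALIKE)
    for brand, legit in LEGIT_DOMAINS.items():
        if brand in normalized:
            verdict = "legitimate" if reg in legit else "suspicious"
            return {"host": host, "brand": brand, "registrable": reg, "verdict": verdict}
    return {"host": host, "brand": None, "registrable": reg, "verdict": "no-brand"}


def suspicious_hosts(urls) -> list:
    """Return the hostnames from a feed that deserve analyst review."""
    return [c["host"] for c in map(classify, urls) if c["verdict"] == "suspicious"]


if __name__ == "__main__":
    # Constructed sample feed; none of these are real phishing URLs.
    FEED = [
        "https://www.amazon.co.uk/",
        "http://amazon.com-security.example.net/login",
        "secure-amaz0n.com",
        "http://www.ebay.com.verify-account.example/",
        "https://paypal.com/",
        "https://news.example.org/",
    ]
    for url in FEED:
        c = classify(url)
        print(f"{c['verdict']:<11} {c['host']}  (brand={c['brand']}, registrable={c['registrable']})")
```

The check deliberately compares the registrable domain rather than the full hostname, because a spoof site can put the real brand domain in a subdomain label; the allowlist is the only source of truth for what counts as legitimate. Hits are candidates for review, not proof, since a brand name can legitimately appear in a partner's or a news site's hostname.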

Security software identifies phishing websites and neutralizes the threat

There may now be more phishing websites than ever before, but fortunately action is being taken. When new sites are identified, the companies hosting those sites are alerted and the websites are closed down. Hackers and other cybercriminals may be devising more sophisticated ways of obtaining sensitive information from businesses and consumers, but detection software is also becoming more sophisticated. Companies such as SpamTitan Technologies have devised software that can rapidly identify phishing websites, allowing the threat to be neutralized. However, the volume of these malicious sites is such that even with rapid identification, it is not possible to totally eliminate the threat they pose. All that can be done is to use a web filter to prevent Internet users from visiting these websites.

Employees are not reporting phishing emails and websites to their IT departments

Many companies have developed policies which require members of staff to report suspicious emails and websites to their IT departments. By sending a quick email, the IT department can ensure that the threat is neutralized. Unfortunately, despite these policies existing, they are not being followed by all members of staff.

SpamTitan conducted a survey earlier this year which revealed that 70% of organizations had suffered losses as a result of phishing and spear phishing emails that had not been reported to their IT department. If staff members receive security awareness training and report phishing attempts, the emails can be deleted promptly to neutralize the threat. A failure to report those emails is likely to see some members of staff fall for the scams.

Many of these phishing scams seek to obtain access to sensitive data in order to commit fraud against individuals. If criminals can gain access to a business network, they can potentially obtain sensitive information from the entire workforce. The loss of data and system downtime can cost companies millions of dollars. When customer or healthcare data is stolen, the costs of resolution can be even higher. Theft of customer and patient data can trigger a wave of class-action lawsuits and result in regulatory bodies issuing heavy financial penalties.

What is the solution?

The cost of data breach resolution is considerable, but it does not cost a small fortune to take proactive steps to reduce the likelihood of a data breach being suffered. If organizations are proactive and implement a range of security measures, the risk of cyberattacks and data breaches can be effectively managed.

It may not always be possible to prevent phishing emails from reaching inboxes, but it is essential that employees are security aware and know how to identify suspicious and malicious emails in case they are delivered. There must also be an easy way of reporting such emails so that prompt action can be taken to neutralize the threat.

What security measures can be implemented to reduce the risk of a data breach?

Robust, multi-layered security defenses can be implemented to protect data and networks from attack, although there is no single solution that will work for all organizations.

Some of the measures that can be implemented to keep networks and data secure include:

  • Encrypt all customer, client and patient data stored on networks
  • Devise a secure password policy and ensure that it is enforced
  • Make sure users change their passwords every 3 months
  • Conduct security awareness training
  • Issue cybersecurity bulletins to alert employees to new risks
  • Purchase a robust email spam filter to stop phishing emails from reaching inboxes
  • Use web filtering to restrict the websites that can be visited by employees
  • Perform regular risk assessments to identify new security vulnerabilities
  • Ensure anti-virus and anti-malware solutions are installed on all devices connected to a network
  • Make sure all software and virus/malware definitions are updated regularly
  • Conduct periodic security audits to check for malware and viruses that have inadvertently been installed

Don’t Block Social Media Accounts: Manage Access

Social networking websites are here to stay. They may have been created to give people an easy way to stay in touch with friends and family and to meet new people, but there are considerable benefits for businesses. In fact, any business that has not yet embraced the social media revolution is likely to be losing customers to competitors.

However, social media use at work does carry security risks and employees may spend a lot of their working day posting status updates, reading articles, and communicating with their contacts.

A study was recently conducted by Proskauer Rose that set out to explore some of the problems businesses are having with social media website use by employees. It would appear that social media access is not being effectively managed by some businesses, and employees are spending too much time accessing the likes of Facebook, LinkedIn, Twitter and Pinterest.

Key findings of the Proskauer Rose social media study

  • Social media misuse was reported as being a problem for 43.4% of respondents
  • 3% of companies have taken disciplinary action against employees for misusing social networks
  • Surprisingly, 45% of companies do not have a social media or Internet policy covering usage at work

There are benefits to be gained from allowing employees to have some time each day to access the websites, should they wish to do so. Unfortunately, the drawbacks can outweigh the advantages if care is not taken and usage is not effectively managed.

In addition to time being spent on the websites instead of work being performed, there is a considerable risk to network security. Malware and phishing schemes are rife on social media networks. Then there is the issue of wasted bandwidth. On the plus side, employee productivity can be increased by allowing some time to access accounts each day, and businesses can harness the potential of social media and get closer to their customers.

Provided use is managed, the benefits can outweigh the disadvantages. The solution is to implement policies to control usage in addition to software solutions to block access if necessary.

Protecting networks from attack and controlling social media use at work

Simply implementing a ban on accessing the websites is rarely an effective strategy. Staff morale can fall, and end users will carry on accessing the websites if they want to; they may just use their smartphones to do it instead. The best methods to use to keep networks secure and control access are:

Implement Web technology solutions to protect corporate networks

Many companies use a web filtering solution to prevent employees from accessing websites that are inappropriate for the workplace. Bans on gambling websites, pornography and file-sharing sites, for instance, are common. It may be tempting to use web filters to block all social media websites as well, but this would prevent the company from maintaining a social media presence.

Some web filters offer much more granular controls. They can quickly and easily be configured to block certain user groups from accessing the websites.

SpamTitan Technologies offers such a solution. The web filter means that HR departments can work with IT to implement appropriate controls that allow employees some time to access the sites, while ensuring that the social media needs of the business can be met.

Role-based settings can be implemented and can even be set at an individual level. If misuse becomes a problem, an individual can lose the right to access the sites at work. If one employee misuses Facebook, the whole workforce, including those who use the sites responsibly, should not be penalized.
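The kind of granular control described in this section (categories blocked for everyone, social media allowed all day for the groups whose job needs it, a break window for everyone else, and a per-user revocation that overrides the group) can be written down as a small policy evaluator. The following is an added example and not SpamTitan's product logic; the category map, group names, break window and revoked user are constructed for the example.

```python
"""Role-based web-filter policy evaluator.

Added example, not SpamTitan's product logic. The category map, groups,
break window and user overrides are constructed to illustrate per-group rules
with individual revocation.
"""
from dataclasses import dataclass

# Constructed domain -> category map (a real filter uses a maintained database).
CATEGORIES = {
    "facebook.com": "social",
    "linkedin.com": "social",
    "twitter.com": "social",
    "pinterest.com": "social",
    "bet-example.test": "gambling",
    "share-example.test": "file-sharing",
    "intranet.example": "business",
}


@dataclass(frozen=True)
class Policy:
    always_blocked: frozenset      # categories nobody may reach
    social_role_groups: frozenset  # groups whose job needs social media all day
    break_window: tuple            # ("HH:MM", "HH:MM") when everyone else may browse social
    revoked_users: frozenset       # individuals who lost social access after misuse


# Constructed policy for the example.
DEFAULT_POLICY = Policy(
    always_blocked=frozenset({"gambling", "pornography", "file-sharing"}),
    social_role_groups=frozenset({"marketing"}),
    break_window=("12:00", "13:00"),
    revoked_users=frozenset({"jdoe"}),
)


def category_of(host: str) -> str:
    """Look up the registrable domain (last two labels) in the category map."""
    reg = ".".join(host.lower().rstrip(".").split(".")[-2:])
    return CATEGORIES.get(reg, "uncategorized")


def decide(policy: Policy, user: str, group: str, host: str, clock: str) -> tuple:
    """Return (verdict, reason). Order matters: global blocks first, then
    non-social traffic, then the individual override, then group, then time."""
    cat = category_of(host)
    if cat in policy.always_blocked:
        return "block", f"{cat} is blocked for all users"
    if cat != "social":
        return "allow", f"{cat} is not restricted"
    if user in policy.revoked_users:
        return "block", f"social media access revoked for {user}"
    if group in policy.social_role_groups:
        return "allow", f"group {group} requires social media for its role"
    start, end = policy.break_window
    if start <= clock <= end:  # zero-padded HH:MM strings compare correctly as text
        return "allow", "within the permitted break window"
    return "block", "social media outside the permitted break window"


def audit(policy: Policy, requests) -> list:
    """Evaluate a batch of (user, group, host, clock) requests; returns verdict rows."""
    return [(u, h, *decide(policy, u, g, h, t)) for u, g, h, t in requests]


if __name__ == "__main__":
    SAMPLE = [  # constructed requests
        ("asmith", "marketing", "www.facebook.com", "09:30"),
        ("bjones", "finance", "www.facebook.com", "09:30"),
        ("bjones", "finance", "www.facebook.com", "12:15"),
        ("jdoe", "marketing", "twitter.com", "12:15"),
        ("bjones", "finance", "bet-example.test", "12:15"),
        ("bjones", "finance", "intranet.example", "15:00"),
    ]
    for user, host, verdict, reason in audit(DEFAULT_POLICY, SAMPLE):
        print(f"{verdict:<5} {user:<7} {host:<22} {reason}")
```

The evaluation order is the point: the individual revocation is checked before the group rule, so a marketing employee who has misused the sites loses access without the rest of the marketing team losing theirs, and the globally blocked categories are never reachable regardless of group or time. Returning a reason with every verdict gives HR and IT an audit trail for the decisions the policy makes.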

Implement an Internet and Social Media Usage Policy

Regardless of your decision on social media use at work, you must implement a policy to cover usage. Your policies should cover acceptable use of the Internet, the types of web content that cannot be viewed, and the repercussions for attempting to view objectionable or banned content. If you do not have policies in place, from a legal standpoint you may have difficulty taking action against individuals for inappropriate use.

It is important that Internet and social media restrictions are explained to staff members in terms of the risk they pose to the business. Restricting access is not only about ensuring time is spent productively. Cybercriminals are targeting businesses using malware, viruses and phishing campaigns. It is also all too easy to inadvertently infect a computer with malware or become part of a botnet.

Develop policies to cover usage and explain the risks, and social media use can be effectively managed without implementing an unpopular and counterproductive social media ban.