Phishing is one of the biggest cyber threats faced by businesses, and stopping phishing attacks from succeeding can be a real challenge. The purpose of phishing is usually to obtain sensitive information, most commonly employee credentials for email accounts, cloud services or social media accounts, or credit card and banking details. Phishing emails are also used to deliver malware, which then harvests that same information or gives the attacker a foothold on the network.
Phishing attacks can take place over the telephone, via text message, social media networks, instant messaging, or any other form of communication, but most commonly the attack vector is email. For a phishing attack to be successful, user interaction is usually required. An employee must be convinced to part with the information that the phisher is targeting, and a wide range of lures are used to encourage that. Social engineering techniques are also used to pressure the recipient into acting promptly, so that they respond without thinking too hard about the legitimacy of the request.
At its most basic level, a phishing attack requires little skill and next to no financial outlay; however, many phishing campaigns now being conducted have been carefully crafted, research is conducted on the companies and individuals being targeted, and the websites used to harvest credentials are skillfully created and often carbon copies of the genuine websites that they spoof. Phishing emails often appear to have been sent from a trusted brand or contact, either by spoofing a genuine email address or using a compromised email account.
Some phishing attempts are laughable and are easily identified, others are much harder to identify, with some of the most sophisticated phishing emails virtually indistinguishable from genuine email requests.
As a business, you should take steps to improve your defenses against phishing attacks, as failure to do so could easily result in a malware or ransomware infection, costly data breach, theft of intellectual property, and damage to the reputation of your company.
Tips for Businesses to Improve Their Defenses Against Phishing Attacks
To help you improve your defenses and prevent phishing attacks from succeeding we have listed some of the steps you can take below. No one solution will be totally effective. The key to preventing phishing attacks is to implement overlapping layers of protection. For a phishing attack to succeed, it should be necessary for an attacker to bypass several layers of security.
- Use an advanced spam filtering solution
The number one protection against phishing is a spam filter. A spam filter will prevent the majority of phishing and other malicious emails from reaching inboxes where they can be opened by employees. Advanced spam filters such as SpamTitan use many different methods to detect phishing emails. The message body and email headers are analyzed for the signatures of phishing, blacklists are used to block emails from known malicious IP addresses and domains, and machine learning techniques are used to predict the likelihood of a message being malicious. SPF and DMARC are used to block email impersonation attacks, along with greylisting to identify new IP addresses that are being used for phishing. Bear in mind that SPF on its own only checks the envelope sender, which the recipient never sees; it is DMARC's alignment requirement that ties the authenticated domain to the visible From address, and it can only be enforced for domains that publish a DMARC policy, so make sure your own domain publishes one with p=quarantine or p=reject rather than p=none.
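The alignment check described above is worth seeing concretely, because an SPF "pass" by itself proves nothing about the brand shown to the employee. The following is an added example written for this page, not SpamTitan's code or any vendor's implementation. It parses the Authentication-Results header a receiving mail server stamps on a message (RFC 8601) and applies DMARC relaxed identifier alignment to two constructed messages: one where the attacker's own domain passes SPF while the From: header impersonates a payroll department, and one legitimate message. The organizational-domain reduction is a deliberate simplification (last two labels) in place of the Public Suffix List, and all domains and headers are made up for the example.

```python
import re
from email import message_from_bytes
from email.utils import parseaddr

# Constructed sample messages (not real mail). The receiving MX, mx.example.net,
# has already stamped its SPF and DKIM verdicts into Authentication-Results.
# In the first, the attacker's own domain passes SPF for the envelope sender
# while the From: header the employee sees impersonates the brand.
SPOOFED = b"""Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce@evil-sender.example;
 dkim=none
From: "Acme Payroll" <payroll@acme.example>
To: staff@example.net
Subject: Action required: update your direct deposit details

Please confirm your bank details at the link below.
"""

LEGITIMATE = b"""Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce@mail.acme.example;
 dkim=pass header.d=acme.example
From: "Acme Payroll" <payroll@acme.example>
To: staff@example.net
Subject: Your payslip is ready

Your July payslip is available in the HR portal.
"""


def org_domain(domain: str) -> str:
    """Reduce a domain to its organizational domain for relaxed alignment.
    Simplification (assumption): keep the last two labels. A production
    checker uses the Public Suffix List so that e.g. bbc.co.uk is handled."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def parse_auth_results(value: str) -> dict:
    """Extract the SPF and DKIM verdicts and their authenticated identifiers
    from an Authentication-Results header (RFC 8601). A method that is
    absent is reported as ("none", None)."""
    value = re.sub(r"\s+", " ", value)  # unfold continuation lines
    results = {"spf": ("none", None), "dkim": ("none", None)}
    m = re.search(r"\bspf=(\w+)(?:[^;]*?smtp\.mailfrom=([^\s;]+))?", value)
    if m:
        ident = m.group(2)
        if ident and "@" in ident:       # smtp.mailfrom may be a full address
            ident = ident.rsplit("@", 1)[1]
        results["spf"] = (m.group(1).lower(), ident)
    m = re.search(r"\bdkim=(\w+)(?:[^;]*?header\.d=([^\s;]+))?", value)
    if m:
        results["dkim"] = (m.group(1).lower(), m.group(2))
    return results


def dmarc_check(raw: bytes) -> dict:
    """Apply DMARC identifier alignment: the message passes only if an SPF or
    DKIM pass was produced for a domain aligned with the From: domain."""
    msg = message_from_bytes(raw)
    _, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rsplit("@", 1)[1].lower() if "@" in from_addr else ""
    auth = parse_auth_results(msg.get("Authentication-Results", ""))
    spf_verdict, spf_domain = auth["spf"]
    dkim_verdict, dkim_domain = auth["dkim"]

    def aligned(verdict, domain):
        return (verdict == "pass" and bool(domain) and bool(from_domain)
                and org_domain(domain) == org_domain(from_domain))

    spf_aligned = aligned(spf_verdict, spf_domain)
    dkim_aligned = aligned(dkim_verdict, dkim_domain)
    return {
        "from_domain": from_domain,
        "spf_pass": spf_verdict == "pass",
        "spf_aligned": spf_aligned,
        "dkim_aligned": dkim_aligned,
        "dmarc_pass": spf_aligned or dkim_aligned,
    }


if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legitimate", LEGITIMATE)):
        print(name, dmarc_check(raw))
```

The spoofed message reports spf_pass=True but dmarc_pass=False, which is exactly the case a filter that stops at SPF would let through; the legitimate one aligns on both SPF (mail.acme.example is a subdomain of acme.example under relaxed mode) and DKIM. What the receiver then does with a failing message is dictated by the impersonated domain's published DMARC policy, which is why p=none gives no protection.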
- Provide regular anti-phishing training to employees
Even with an advanced spam filter, some phishing emails will sneak through, so it is essential that employees are trained to identify them. They should be taught cybersecurity best practices, the dangers of macros and email attachments, and conditioned not to click on embedded hyperlinks in emails. Training must be repeated: provide regular refresher sessions rather than a single induction. You should also conduct phishing email simulations and track both the click rate and the rate at which employees report the message, otherwise you will not know whether your training has been effective.
- Implement 2-factor authentication
2-factor authentication requires the use of a second factor in addition to a password to gain access to an account. If a password is compromised in a phishing attack, an attacker without that second factor will find it much harder to access the account. Many businesses still fail to implement 2-factor authentication, even though it is highly effective at preventing unauthorized account access with stolen credentials. Bear in mind that not all second factors are equal: one-time codes sent by SMS or generated by an app can themselves be phished and relayed in real time by a proxy site sitting between the victim and the genuine login page, whereas FIDO2/WebAuthn security keys bind the authentication to the genuine site's origin and resist that attack.
- Implement a web filtering solution
Spam filters are important, but many businesses fail to implement measures to block the web-based component of phishing attacks. A web filter will block attempts by employees to visit known phishing sites when they click links in emails, and will also block redirects to phishing websites during general web browsing. Not all phishing attacks involve email: a link delivered by text message, instant message or social media ends up in the same browser. With a web filter in place, any attempt to visit a known malicious website will be blocked regardless of how the link arrived.
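A web filter's blocklist is only as good as the matching behind it, because phishing links are built to look like the brand they impersonate while resolving somewhere else. The following is an added example written for this page, not WebTitan's code or any vendor's implementation; it goes slightly beyond the paragraph by showing the specific lures a naive string comparison misses. It normalizes a clicked URL to the host the browser would actually connect to and matches it, and every parent domain of it, against a constructed blocklist. The blocklist entries, the URLs and the domains are all made up for the example; the second blocklist entry is the punycode form of a lookalike domain that substitutes a Cyrillic letter for the Latin "a".

```python
from urllib.parse import urlsplit

# Constructed blocklist of known-bad registrable domains (assumption: the feed
# already reduced entries to registrable domains). The second entry is the
# punycode form of "p\u0430ypal.example", a lookalike using Cyrillic "\u0430".
BLOCKLIST = {"evil-sender.example", "xn--pypal-4ve.example"}


def normalized_host(url: str) -> str:
    """Return the host a browser would actually connect to, lowercased and in
    its IDNA (punycode) form, with scheme, userinfo, port and path stripped."""
    if "://" not in url:                  # lures often omit the scheme entirely
        url = "http://" + url
    host = urlsplit(url).hostname or ""   # .hostname drops userinfo and port, lowercases
    host = host.rstrip(".")               # "evil.example." is the same host as "evil.example"
    try:
        host = host.encode("idna").decode("ascii")
    except UnicodeError:                  # unencodable label: compare it as-is
        pass
    return host


def is_blocked(url: str, blocklist=BLOCKLIST) -> bool:
    """True when the host, or any parent domain of it, is on the blocklist, so
    acme.example.evil-sender.example is caught by the entry evil-sender.example."""
    labels = normalized_host(url).split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))


# Constructed click targets illustrating the tricks a raw-string match misses.
SAMPLE_URLS = [
    "https://acme.example/login",                        # legitimate
    "https://acme.example.evil-sender.example/login",    # brand as a subdomain
    "https://acme.example@evil-sender.example/login",    # brand in the userinfo part
    "EVIL-SENDER.example:8080/track?id=1",               # no scheme, odd case, port
    "https://p\u0430ypal.example/login",                 # Cyrillic lookalike
]


def triage(urls=SAMPLE_URLS) -> dict:
    """Map each URL to its block verdict; the example's runnable entry point."""
    return {u: is_blocked(u) for u in urls}


if __name__ == "__main__":
    for url, blocked in triage().items():
        print("BLOCK " if blocked else "allow ", url)
```

Only the first URL is allowed; the other four all resolve to a blocklisted host once normalized. Matching on the registrable domain and its parents is what lets one feed entry cover the endless subdomains a phishing kit generates, and converting to punycode before comparison is what makes a homograph entry effective at all, since the browser performs the same conversion before it connects.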
- Make sure you patch promptly and update your software
Phishing emails are not always aimed at getting employees to disclose their credentials; oftentimes the aim is simply to get them to click a link in an email and visit a malicious website. Compromised websites are loaded with malicious code that probes the visitor's browser and plugins for vulnerabilities and exploits them to silently download malware, a so-called drive-by download. After the link is clicked, no further user interaction is required. Exploit kits overwhelmingly target known vulnerabilities for which patches already exist, so prompt patching of browsers, plugins and operating systems neutralizes most of them. It does not protect against a genuine zero-day, which is why the other layers still matter.
TitanHQ has developed two anti-phishing solutions for SMBs and managed service providers (MSPs) serving the SMB market. SpamTitan is a powerful anti-spam solution with advanced features for blocking phishing attacks and is an ideal solution for layering on top of Office 365 to improve your phishing defenses. WebTitan is a cloud-based web filtering solution that prevents employees and guest users from visiting malicious websites. For further information on these solutions, to register for a free trial, or to book a product demonstration, give the TitanHQ team a call today.