
Today, phishing attacks are a ubiquitous part of the Internet.
The primary target for phishing attacks has always been credentials for financial sites. Take the South African Revenue Services (SARS) for example. Reports reveal that SARS is under threat from phishing scams. The organisation is encouraging South Africans not to click on any link, sent by the perpetrators via e-mail, which asks them for their banking details.
It used to be easy to spot phishing attacks directed at users. However, today's attacks are much slicker, very well crafted and often convincing. Often the URL is manipulated to make readers think they are visiting one site when in fact they are directed to another. Look-alike Web site forgery is used too, creating an identical copy of a Web site at a near-accurate URL.
More worryingly, businesses have had to respond to the challenge of directed attacks, known as spear phishing and puddle phishing, in which the attacker chooses a specific organisation to target. Any site of value with a login prompt is now a target, especially if the same login credentials can be used at other sites.
"The risk to an organisation from a phishing attack is significantly greater because corporate intellectual property could be at risk, as well as long-term access to internal systems if the attack goes undetected," says Heino Gevers, security specialist at Mimecast South Africa.
Protecting your business against phishing means using a variety of tactics; consider the following:
Good perimeter security combined with up-to-date browser and desktop security software is a given. Educating users to double-check URLs before they click on them adds a smart social protection. Remember, too, that no one is beyond the reach of these attacks: there is a form of phishing called "whaling" that specifically targets high-level or C-suite executives. Educating those users might be a challenge now, but it is much less of a problem than cleaning up after a compromise.
If you are in the business of hosting a platform that requires users to log in and supply personal information, your biggest challenge is reacting to attacks that use your branding as bait. Helping your users identify your legitimate platform using certificates and enhanced authentication protocols is essential.
Do not trust links coming from your contacts through messaging clients like GMail, Skype and Twitter. Your contact's account may have been compromised and you are one click away from being compromised yourself.
Do not simply click on pop-ups that appear on Web sites. Check the link before clicking on it, and only click on it if you really need to. You can use https://www.virustotal.com/#url to check a URL before opening it.
Verify that the links in the e-mail really go to the correct URL. In most applications, you can do this simply by hovering over the link, which will expose the underlying URL. If you stumble across an odd-looking Web site, verify it or submit it to a service like PhishTank.
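The two checks above (does the displayed link match the real target, and is the target a look-alike of the brand's domain) can be automated on the HTML body of a message. The following is an added example, not code from the article or from Mimecast; the TRUSTED_DOMAINS allow-list and the sample message are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical allow-list: the domains this organisation's legitimate mail links to.
TRUSTED_DOMAINS = {"sars.gov.za"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(text):
    """Hostname of a URL, or of bare text that looks like one (else None)."""
    if "://" not in text and re.fullmatch(r"[\w.-]+\.[a-z]{2,}(/\S*)?", text):
        text = "http://" + text
    return (urlparse(text).hostname or "").lower() or None

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def audit_links(html):
    """Return one finding per suspicious anchor: display/target mismatch or look-alike host."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target, shown = host_of(href), host_of(text)
        reasons = []
        if shown and target and shown != target:
            reasons.append("display/target mismatch")  # text names one host, link goes elsewhere
        if target and not is_trusted(target) and any(d.split(".")[0] in target for d in TRUSTED_DOMAINS):
            reasons.append("look-alike domain")  # brand label reused inside an untrusted host
        if reasons:
            findings.append({"href": href, "text": text, "reasons": reasons})
    return findings

# Constructed sample message for the demo; not a real phishing mail.
SAMPLE = """<p>Dear taxpayer,</p>
<a href="http://sars.gov.za.efiling-refund.example/login">https://www.sars.gov.za/</a>
<a href="https://www.sars.gov.za/ClientSegments/">eFiling portal</a>
<a href="https://sars-efiling-secure.example/verify">Click here to claim your refund</a>"""

if __name__ == "__main__":
    for f in audit_links(SAMPLE):
        print(f["href"], "->", ", ".join(f["reasons"]))
```

The first and third anchors are flagged; the second, which really points under sars.gov.za, is not.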
Mimecast will participate at this year's ITWeb Security Summit, taking place from 7 to 9 May at the Sandton Convention Centre.