Upcoming webinar to outline how phishers bypass tech and fool mail recipients
Cyber criminals targeting corporates are not stereotypical ‘basement hackers’, and their phishing mails are so polished and professional that the average victim stands little chance of identifying them at face value.
This is according to Riaan Naudé, UK director of consulting at F-Secure Corporation, speaking ahead of a webinar on beating phishing by understanding attackers and the attack kill chain as it pertains to phishing attacks.
Naudé says criminals targeting corporates will put a great deal of effort into making their phishing mails look legitimate, with convincing logos, spelling and sender addresses.
“Attackers will be cunning enough to replicate known domains and websites in a convincing manner, which will be registered well in advance and aged appropriately among other operational security actions to get past technical controls. The average user won’t be able to identify a phishing email by looking only at the email itself,” he says.
“These mails could sound like your boss, instructing you to enact a payment immediately. Or they could look convincingly like a mail from the coffee shop in your office lobby, offering you a discount on coffee. People will do anything for a free coffee, and I guarantee you that if people get a mail from their favourite coffee shop offering them a discount, they will click on it,” Naudé says.
Naudé says to overcome this vulnerability, a defence in depth approach is needed. “You need to build resilience across multiple phases of the kill chain. People have multiple products and services in place to mitigate risks via email, but as we can see, attackers bypass them. Awareness training and emphasis on reporting suspicious mails is as important as EDR is; and users need to know exactly how to report suspicious mails to make it easier for SOC analysts to work on them. For example, they need to know that when they simply forward a suspicious mail, they lose important technical information about the sender. They actually need to attach the intact email or have a ‘report this email’ button. This is in the absence of a solution with a button to report phishing emails.”
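The difference between a plain forward and an attached report can be shown with Python's standard email library. This is an added example, not part of the article or of F-Secure's material; every address, domain and header value in it is a constructed sample, and the function names are hypothetical.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Headers an analyst uses to trace the real sender (all sample values are constructed).
FORENSIC_HEADERS = ("Return-Path", "Received", "Authentication-Results", "Reply-To", "Message-ID")

def build_original():
    """Constructed sample of a suspicious mail as it sits in the user's mailbox."""
    msg = EmailMessage()
    msg["Return-Path"] = "<bounce@coffee-rewards.example>"
    msg["Received"] = "from mail.coffee-rewards.example ([203.0.113.45]) by mx.corp.example; Mon, 01 Jan 2024 09:00:00 +0000"
    msg["Authentication-Results"] = "mx.corp.example; spf=pass smtp.mailfrom=coffee-rewards.example; dkim=none"
    msg["From"] = "Lobby Coffee <offers@coffee-rewards.example>"
    msg["Reply-To"] = "claims@coffee-rewards.example"
    msg["To"] = "user@corp.example"
    msg["Subject"] = "Your discount is waiting"
    msg["Message-ID"] = "<constructed-0001@coffee-rewards.example>"
    msg.set_content("Click here to claim your discount.")
    return msg

def _report(original, reporter, soc):
    report = EmailMessage()
    report["From"], report["To"] = reporter, soc
    report["Subject"] = "Fwd: " + original["Subject"]
    return report

def forward_inline(original, reporter, soc):
    """Plain forward: only display fields and the body are copied into a new mail."""
    report = _report(original, reporter, soc)
    report.set_content(
        "---------- Forwarded message ----------\n"
        f"From: {original['From']}\nSubject: {original['Subject']}\n\n"
        + original.get_content())
    return report.as_bytes()

def forward_as_attachment(original, reporter, soc):
    """Report with the intact mail attached as a message/rfc822 part."""
    report = _report(original, reporter, soc)
    report.set_content("Suspicious mail attached.")
    report.add_attachment(original)
    return report.as_bytes()

def recover_sender_evidence(report_bytes):
    """Return the original mail's forensic headers if the report still carries them."""
    report = message_from_bytes(report_bytes, policy=policy.default)
    for part in report.walk():
        if part.get_content_type() == "message/rfc822":
            original = part.get_content()  # the embedded, intact message
            return {h: [str(v) for v in original.get_all(h, [])] for h in FORENSIC_HEADERS}
    return {h: [] for h in FORENSIC_HEADERS}
```

Run against the inline forward, `recover_sender_evidence` returns empty lists for every header; run against the attached report, it returns the original relay, authentication and reply-path data.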
Webinar: Beating phishing
Building resilience through the attacker’s perspective
16 November @ 11:00 (GMT+2)
Riaan Naudé will outline F-Secure’s learnings on how attackers target victims, craft phishing emails and payloads to execute on targeted systems, and ensure their attacks have been successful during the iOCO and F-Secure webinar on Beating phishing: Building resilience through the attacker’s perspective on Tuesday 16 November.
At this event, experts will outline cyber attacker methodologies at each stage of the kill chain and discuss successful defence in depth approaches to mitigate the risk of phishing. During the event, attendees will also receive an e-book on mitigating this risk.
For more information and to register for this event, go to https://www.itweb.co.za/webinar/ioco-beating-phishing/