///////////////////////////////////////////////////////////////////////////////////////////
FINAL WORD
Thwarting
phishing attacks
with human
intelligence
Phishing remains one of the biggest
threats to businesses and organisations,
with innovative solutions required to
help keep attacks at bay. Alexandre
Depret-Bixio, Vice President of
Sales – META, Cofense, explains how
the company is leveraging human
intelligence as part of its phishing
defence and why this works so well.
W
Why is phishing such a threat to business, especially in
triggering data breaches?
Phishing is still the #1 cyberattack vector. The statistics supporting
this claim vary but all lead to the same conclusion – phishing is the
biggest spearpoint used in data breaches.
According to Verizon’s most recent Data Breach Investigations
Report, email is used in 96% of socially engineered attacks. What’s
more, Verizon notes that phishing and pretexting represent 93%
of all socially engineered data breaches. (Pretexting involves a false
narrative designed to trick the user.) And Cloudmark reports that
successful phishing attacks on average cost mid-sized companies
US$1.6 million.
Phishing emails deliver malware of every type, including ransomware.
Phishing is also a handy way to carry out social engineering. For
example: an email spoofing the head of HR asking employees to
click a link and log onto a page to agree to a corporate policy. Or
an urgent message – again, spoofing someone in the organisation,
perhaps even the CEO – sent to an employee in finance and
requesting a quick wire transfer. The latter is a classic case of business
email compromise (BEC), which the FBI estimates will cause over
US$9 billlion in losses in 2018 alone.
In short, there is no easier way for fraudsters and threat actors to
target your organisation than with phishing emails. It costs the
phisher little – he doesn’t need a gun to rob you.
www.intelligentcio.com
INTELLIGENTCIO
45