address being spoofed. This makes it difficult for end-users to spot attacks. It has been stated that 91% of cyberattacks and their resulting data breaches now begin with a spear phishing email message.
Phishing has evolved in lockstep with the ‘malware-as-a-service’ phenomenon.

Phishing emails come in all shapes and sizes and unfortunately no single product will fully protect your business from phishing attacks. Phishing is now run as a business and cybercriminals have been using different attack strategies to retrieve information from their target. Some of the strategies include phishing services, off-the-shelf phishing kits and business email compromise.
Free phishing kits
An interesting facet of the phishing ecosystem is that there is a large number of actors committing attacks but only a small number of phishers that are sophisticated enough to write a phishing kit from scratch. Because of this, phishing kits are now widely available for download from dark web forums and marketplaces and give attackers all the tools they need to create profitable phishing attacks: emails, web page code, images and more.
Attacks-as-a-service
In fact, attackers don’t even need to know how to create malware or send emails anymore. As-a-service and pay-as-you-go solutions permeate most online service technologies and phishing is no different, with a range of services increasingly available to attackers:

• Ransomware-as-a-service allows a user to create an online account and fill out a quick web form, including the starting ransom price and a late payment price for victims. The provider of the service then takes a cut of each ransom paid, with discounts offered if the user is able to translate the malware code into new languages or if the volume of the attack exceeds a certain level.

• Phishing-as-a-service allows users to pay for phishing attacks to be sent for them, using global botnets to avoid known dodgy IP ranges. Guarantees are even made to only bill users for delivered email messages, much like any legitimate email marketing service.
INTELLIGENTCIO
These services have led to the explosion of phishing attacks highlighted earlier, as any attacker can launch an attack regardless of technical skill.
Phishing attack prevention: How organisations must protect themselves from getting hooked
Stop threats at the door
The best defence against phishing emails is your email gateway. Email protection is your watch guard, blocking 99% of unwanted email at the gateway, including malicious attachments, content and URLs, long before an end-user ever sees them.
Web filtering is another must-have as a front-line defence, filtering and blocking infected URLs should your users click an email link. And file sandboxing ensures those nasty malware-laden downloads get removed from the threat chain early on.
Protect your weakest link – users
Even with the best upfront filters, attacker methods such as BEC – with no executables or links to detect – may still get through. Appropriate training and education are critical for ensuring that all your employees know how to spot and deal with these types of email messages.
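To make the two preceding points concrete, here is an added example (not code from the article or from any vendor product) of the kind of triage an email gateway performs before a user sees a message: envelope/header sender mismatches, display-name spoofing, lookalike sender domains, blocklisted or mismatched links and risky attachments. It also shows why a BEC message is harder to stop: the first sample carries no link and no attachment, and only its header pattern (a lookalike From domain with a Reply-To diverted elsewhere) gives it away. The internal domain, the blocklist, the extension list and all three sample messages are constructed for this example.

```python
# Added example: gateway-style triage of inbound mail. Not the article's code
# and not a product; the domains, blocklist and messages below are constructed.
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"                      # constructed
URL_BLOCKLIST = {"login-example-secure.net"}         # constructed
RISKY_EXTENSIONS = (".exe", ".js", ".vbs", ".scr", ".hta")
URL_RE = re.compile(r'https?://([^/\s"\'<>]+)', re.IGNORECASE)
# <a href="https://HOST1/..."> https://HOST2 </a>: anchor text names one host,
# the link really goes to another.
LINK_RE = re.compile(
    r'<a\s[^>]*href="https?://([^/"]+)[^"]*"[^>]*>\s*https?://([^/\s<]+)',
    re.IGNORECASE)


def _domain_of(header_value):
    # Lower-cased domain of an address header, or '' when absent/malformed.
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def _edit_distance(a, b):
    # Levenshtein distance: catches one- or two-character lookalike domains.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(raw_message):
    """Return finding labels for one RFC 5322 message (empty list = clean)."""
    msg = message_from_string(raw_message)
    findings = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_dom = from_addr.rpartition("@")[2].lower()
    rp_dom = _domain_of(msg.get("Return-Path"))
    rt_dom = _domain_of(msg.get("Reply-To"))

    # Envelope sender (Return-Path) domain differs from the header From domain.
    if rp_dom and rp_dom != from_dom:
        findings.append("return-path-mismatch")
    # Display name claims the internal domain but the address is external.
    if from_dom != INTERNAL_DOMAIN and INTERNAL_DOMAIN in from_name.lower():
        findings.append("display-name-spoof")
    # Replies diverted to a third domain: typical of BEC with no payload at all.
    if rt_dom and rt_dom != from_dom:
        findings.append("reply-to-diversion")
    # Sender domain is a near-miss of the internal domain (e.g. examp1e.com).
    if from_dom != INTERNAL_DOMAIN and 0 < _edit_distance(from_dom, INTERNAL_DOMAIN) <= 2:
        findings.append("lookalike-domain")

    for part in msg.walk():
        filename = part.get_filename()
        if filename and filename.lower().endswith(RISKY_EXTENSIONS):
            findings.append("risky-attachment:" + filename)
        if part.get_content_type() in ("text/plain", "text/html"):
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            for host in URL_RE.findall(body):
                host = host.split("@")[-1].split(":")[0].lower()  # drop userinfo/port
                if host in URL_BLOCKLIST:
                    findings.append("blocklisted-url:" + host)
            if any(h1.lower() != h2.lower() for h1, h2 in LINK_RE.findall(body)):
                findings.append("link-text-mismatch")
    return findings


def verdict(raw_message):
    """Gateway decision: quarantine anything with at least one finding."""
    return "quarantine" if triage(raw_message) else "deliver"


# Three constructed sample messages (not real mail).
SAMPLE_BEC = """\
Return-Path: <ceo.urgent@mail-example.co>
From: "Pat Lee (example.com)" <pat.lee@examp1e.com>
Reply-To: <ceo.urgent@mail-example.co>
To: finance@example.com
Subject: Urgent wire transfer
Content-Type: text/plain

Please settle the invoice today and confirm by replying to this message.
"""
SAMPLE_PHISH = """\
Return-Path: <noreply@example.com>
From: IT Helpdesk <noreply@example.com>
To: staff@example.com
Subject: Password expiry
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Reset now: <a href="https://login-example-secure.net/reset">https://portal.example.com</a></p>
--b1
Content-Type: application/octet-stream; name="reset.exe"
Content-Disposition: attachment; filename="reset.exe"

Q09OU1RSVUNURUQ=
--b1--
"""
SAMPLE_CLEAN = """\
From: Alice <alice@example.com>
To: bob@example.com
Subject: Lunch
Content-Type: text/plain

See you at noon: https://portal.example.com/calendar
"""
```

Running `triage(SAMPLE_BEC)` returns four header findings and nothing from the body, which is exactly the case the text describes: a filter that only looks for malicious links and attachments has nothing to act on, so the header heuristics (and, failing those, a trained employee) are what remain.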
Secure your last line of defence
If your click-happy end-users inadvertently unleash potent, powerful malware onto your systems, there’s still ample opportunity to stop the damage and even reverse its effects. Next-generation exploit prevention solutions will identify, analyse and neutralise the effects of even the most advanced, unseen malware out there and automatically clean up all traces of infection so you can get on with your day.
Know your business
Make sure your company processes are understood, that you encourage employees to question requests that seem out of
www.intelligentcio.com