How to deal with the increase in phishing attacks

How to deal with the increase in phishing attacks

Today, when a business receives an external attack, it most often starts with a phishing attack.

This type of attack is based on human error, since every day workers open or use dozens of e-mails with their corresponding links in them. The threat of phishing this year 2020 has increased notably due to the increase in remote working.

When this year 2020 ends, he will be remembered for the start of the Covid-19 pandemic, and for a significant advance to the digital world thanks to teleworking from home. In this sense, remote work has acquired great prominence and laws such as the telework law have been passed.

Security awareness and human error

Phishing attacks pay off to cybercriminals. Their initiation process is as simple as emailing victims, and waiting to see who takes the bait. These criminals take advantage of the fact that the workers are human, and that sooner or later they end up making a mistake. One way to improve this is security awareness training as a multi-layered defense strategy. Not enough, simulating attacks during training sessions is not always an effective way to learn, the reason is simple: these people do not necessarily retain the information or not all that they should.

Another aspect that we must take into account is that we will always be more vulnerable to this type of attack if we telework, because it is very possible that we do not have the appropriate filters and correct security settings in our home. For example, companies can use proxies with traffic filtering to check any threat in real time, this is not possible at home, unless we connect via VPN to the company and tunnel all traffic, both work traffic Like the staff, in this way, the traffic before going to the Internet will go through the company's filters.

In this sense, the increase in teleworking from home considerably increases the distractions we face. Thus, in these trainings conducted from our homes, it is not strange to see how the participants fall into the same scam over and over again.

To mitigate the threat of phishing, a good option is to reinforce with a lesson during a live attack. The moment someone clicks on a harmful URL, defenders must be able to simultaneously block the attack. Next, they have to show the worker what that cybercriminal was trying to do. In a sense, it's like matching theory lessons with a real-life example.

Phishing attacks in companies

Most CISOs (Chief Information Security Officer) believe that the threat of phishing is a corporate email problem, and that their current line of defense is sufficient. However, these CIOs are wrong. These attacks can easily evade email phishing defenses that rely on static reputation-based detection. For this reason, we see that many times they bypass the conventional first lines of defense to compromise a network.

In that sense, the threat of phishing is based on the identity theft of large companies such as Microsoft, which is currently ranked number one. We could also add others as well known as Amazon, DHL, Zoom, Dropbox and Slack. Another thing to keep in mind are phishing attacks on the mobile sector, in this section they are aimed at companies such as WhatsApp, PayPal and Facebook. We must also take into account the different types of phishing that we can find today.

How to protect ourselves from the threat of phishing

To protect ourselves we must take a comprehensive approach to defense against the threat of phishing with multiple layers outside the firewall. In this sense, it is necessary to protect mobile devices and PC / Mac endpoints with the implementation of end-to-end encryption. Therefore, we must worry as much about the safety of the workers who work from the company and are protected by its firewall, as of those who do it externally.

You also have to worry about the computers and credentials employees use on their personal and business accounts. For this reason, these computers and devices must be protected with the latest updates and appropriate security software. In addition, a preventive security policy must be established, currently we already have defenses enabled by AI to combat attacks.Finally, sometimes these attacks inevitably bypass all defenses, and we must be prepared to respond. In that sense, we have to be prepared with a good incident plan and backed up by backup copies.

Date update on 2020-11-16. Date published on 2020-11-16. Category: Computer class Author: Oscar olg Fuente: redeszone