What is Phishing Protection?
There is a broad range of cybersecurity threats. Some are driven by AI, while others use bots or brute force. Phishing attacks are more subtle and rely on psychology.
The goal of a phishing attack is to manipulate the target into performing an act. That includes divulging personal information, providing security or login credentials, sending money, shipping products, or releasing confidential intellectual property. Phishing cybercriminals can be individual hackers, state-funded actors, or involved in corporate espionage.
Key Ingredients for a Phishing Attack
Phishing cybercriminals understand how to leverage resources to gain knowledge. The more information they process about a targeted individual or business, the more successful they are in executing an attack. Even the smallest amount of data is valuable.
Obtain Personal Information
Strategic attacks on a business often involve using personal information to target an individual or small group.
- The name of an employee's friend
- Make and model of their car
- A recent vacation or celebration
- Hobbies or interests
Invoke an Emotional Reaction
Phishing attacks are socially engineered, which means they rely on human psychology. After the cybercriminal conducts their research, they use the information to develop a scenario that invokes an emotional reaction.
- Fear of authority, system viruses, physical illnesses, upsetting a superior, or losing money
- Excitement in a gift, job opportunity, or partnership
- Curiosity in a discovery, trying a new online application, or planning for retirement
- Anger toward local government, social injustice, or a sports team losing a match
Gain a Target's Trust
Once the attack is designed, the cybercriminal gains the trust of the target. That is accomplished by impersonating a known entity, which often involves creating an authentic-looking email sender address or messaging and chat credentials. Common personas include:
- Fellow employees, superiors at work, or business partners
- IT or HR personnel
- Customer service representatives from banks, insurance companies, or credit card services
- Healthcare or government institutions
Request an Action
Once trust is established and emotion is invoked, the action is requested. That could occur on the first communication or after several communications. The target can be instructed to:
- Click a link where they need to enter information such as login credentials
- Text their employee ID or social security number
- Key in a credit card number
- Buy a seemingly necessary software application
Once complete, the phishing attack either ends or continues with additional requests. Depending on the phishing attacker's goal, it may progress to another attack type, such as the installation of malware or infiltration of a business, finance, or security system.
Types of Phishing Attacks
- Spear phishing focuses on a single target.
- URL phishing impersonates a known entity, such as your bank.
- Lateral phishing uses hijacked business email accounts to send phishing emails to one or many recipients.
- Spam phishing, or mass email phishing, targets a large number of people.
- Voice phishing uses automated phone calls with recorded messages to solicit and record responses.
- SMS phishing uses messaging applications instead of email or voice to deliver the attack.
- Email phishing is the most commonly used and traditional means of phishing.
Stop Phishing Before It Starts
The overwhelming majority of phishing attacks are conducted using email. Having a multilayered cybersecurity posture, which includes a secure email service, is paramount to preventing phishing attacks. A secure email service should include several capabilities.
- URL filtering and Brand Protection - confirms domain authenticity and detects false sender addresses, often associated with a phishing attack. It also filters out domains that are not authorized to send emails to the organization.
- DNS Blocking - prevents users who click a link from visiting websites that are known to be malicious
- Deep Inspection - delivers deep message and attachment analysis with spam, malware, and phishing filtering.
- DLP (Data Loss Protection) - intercepts unauthorized outgoing communication containing sensitive information such as security credentials, credit card data, or controlled documents such as confidential engineering drawings.
- Isolation - sends any suspicious messages to a quarantine zone or sandbox outside the organization’s infrastructure for further inspection.
- Messaging Integration - coordinates cybersecurity processes and policies with instant messaging services like IM, Slack, and Skype.
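The sender-authenticity and URL checks above can be illustrated with a small detector. This is an added example, not code from Open Systems or any product on this page; the trusted-domain list, the indicator names and the sample message are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed allow-list: domains the organization treats as authentic senders.
TRUSTED_DOMAINS = {"example-bank.com", "corp.example.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def edit_distance(a, b):
    """Levenshtein distance, used to spot typosquatted (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def phishing_indicators(raw):
    """Return the indicator names found in one raw RFC 822 message (empty = clean)."""
    msg = message_from_string(raw)
    hits = []
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)
    # Display name borrows a trusted brand while the address domain is not trusted.
    brands = [t.split(".")[0].replace("-", " ") for t in TRUSTED_DOMAINS]
    if any(b in name.lower() for b in brands) and from_dom not in TRUSTED_DOMAINS:
        hits.append("brand-in-display-name")
    # Sender domain is one edit away from a trusted domain (false sender address).
    if from_dom not in TRUSTED_DOMAINS and any(edit_distance(from_dom, t) == 1 for t in TRUSTED_DOMAINS):
        hits.append("lookalike-sender-domain")
    # Replies are routed to a different domain than the visible sender.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != from_dom:
        hits.append("reply-to-mismatch")
    # URL filtering: flag links whose host is outside the trusted set.
    body = "" if msg.is_multipart() else msg.get_payload(decode=True).decode("utf-8", "replace")
    for url in URL_RE.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if host not in TRUSTED_DOMAINS:
            hits.append("untrusted-link:" + host)
    return hits

# Constructed sample message for the example; not a real attack artifact.
SAMPLE = (
    "From: Example Bank Security <alerts@examp1e-bank.com>\r\n"
    "Reply-To: verify@mail-check.example.net\r\n"
    "Subject: Your account is locked\r\n"
    "Content-Type: text/plain\r\n\r\n"
    "Confirm your login at https://examp1e-bank.com/verify within 24 hours.\r\n"
)
```

A production gateway would add DNS-based checks (SPF, DKIM, DMARC) on top of these header heuristics; they are omitted here so the example runs offline.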
Employee phishing detection training is essential. A multi-layer cybersecurity posture will halt nearly all phishing attacks before they enter the organization.
Unfortunately, not all phishing attacks originate from outside the corporation. Some are internal threats perpetrated by employees or individuals who are authorized to access systems.
It is recommended to periodically train users on how to identify, respond to, and report phishing attacks.
Contact our customer advocates and learn about our phishing protection and secure email services. Discover more about implementing a complete cybersecurity posture with MDR (Managed Detection and Response) or SASE (Secure Access Service Edge).
Leave Complexity Behind
To learn how Open Systems SASE Experience can benefit your organization, talk to a specialist today.