According to the industry news source VentureBeat, 70% of the IT groups surveyed indicated an increase in phishing attacks in 2020:
“One of the reasons for the success of phishing is its ability to continuously evolve and diversify, tailoring attacks to topical issues or concerns such as the pandemic and playing on human emotions and trust.The temptation for organizations can be to see phishing attacks as a relatively low-level threat, but that underestimates their power. Phishing is often the first step in a complex, multi-stage attack.”
How Email Phishing Works
Users receive a customized email related to a topic of business or personal concern. The emails tend to be very well crafted and will seek to emulate communications from a trusted source. These could include, for example, emails that indicate they are coming from Apple, retail stores, or the company’s software providers. In other cases, the email seeks to emulate communication coming from inside the company.
Inside the email there is a call to action that takes the user to another website. Within that website, malicious attempts are made to get the user to engage in security breaches such as downloading software or providing user names and passwords. This provides a gateway into an otherwise secure company network.
Advanced AI To Block Phishing Email Threats
Email phishing is a highly developed attack vector. The tactics are evolving every day. Here’s how ITRemedy keeps their clients a step ahead of the malicious actors:
All emails are scanned before they reach the user’s inbox. The scanning software we use includes AI that can spot and learn from attempted malicious behavior. If the email is coming from a source that the user does not regularly interact with, a flag is set. Then the email is quarantined, and an alert is issued. The user can tag the communication as a fake email. When this occurs, the system creates a rule to block other emails from this source.
Blocking Malicious Websites
Hackers are getting so good at creating fake emails, software cannot filter out all of them. The second layer of protection engages when users click on the phishing website link. As one option, our clients can set a list of authorized site URLs, and the software will block attempts to access sites that are not on the white list.
In cases where open Internet access is allowed, ITRemedy engages techniques to identify hacking sites. Hackersset up domainsquickly, exploit their use for a couple of weeks, then close down the domains. A website has a viewable registry that tells the scanning software when the domain was set up. If it is less than thirty days old, access is blocked, and an alert is issued for further consideration by the user.
End User Security Awareness
Email phishing protection has two facets. One of which is software-driven interdiction and response. The second is employee security awareness development. According to the industry news source Cybersecurity Dive:
“It’s critical to understand which users are the most targeted and which of them are the likeliest to fall for the social engineering that phishing attacks rely on. Users are a critical line of defense against phishing, and security awareness education provides a foundation to ensure everybody can identify a phishing email and easily report it.”
ITRemedy Provides Training
ITRemedy provides formal and informal training to users to raise their awareness of IT security. We find that by educating and reminding users to be on the lookout for suspicious emails and report them to the IT group when encountered, there is a significant increase in overall IT security. Our classes are customized to meet our client’s specific requirements and can be delivered in person, through training videos, or through online education.
Email phishing is a serious threat that should be addressed through both software protection and user education. ITRemedy provides the most advanced AI-based scanning and interdiction software in the industry. Our training is personable and time-efficient. We would be happy to discuss the techniques for keeping your company’s email environment secure in a personal dialog.