Receiving spoofed emails is a nuisance,
irritating and inconvenient, but generally spoofed emails are easy to identify and recipients delete
these emails – making spoofed emails irritating but practically harmless. But cybercriminals don’t
stop at spoofed emails. These savvy individuals are constantly trying
to improve their tactics and businesses need to keep pace. When cyber
criminals craft targeted spear phishing emails, spoofing can become a
potentially dangerous event.
Despite the overall decrease in the
volume of spam reported, the number of spear phishing attempts have increased dramatically, pushing
spear phishing to top of mind for IT professionals. With the increase in hyper-personalized spoofed
emails, the question remains, whose responsibility is it to prevent spear phishing attacks from
succeeding, employees or the organization?
Many individuals think that the onus of
preventing cyber attacks, including spear phishing attacks, rests on the employees not the organization.
However, this stance is a dangerous one to take; employees cannot solely be held responsible for
successful spear phishing attacks.
Underestimating cyber criminals can be
very costly to business operations; the responsibility to keep an organization’s assets safe does
not fall on its employees. The fact is there are solutions available
and
precautions organizations can take to
minimize the spear phishing attacks seen by employees.
The basic anatomy of all spear phishing
attempts includes a call to action; the recipient is prompted to click on a link, call a number, or open
an attachment. Spear phishing attacks are generally executed at
the end of the quarter in the evening
and are constructed in a way that requests the recipient to act.The uncanny (and well thought out
timing) coupled with spoofing, or the attacker pretending to know
the individual, makes spear phishing
emails a viable threat to an organization.
There are five steps organizations can
take now to minimize targeted attacks:
- Accept that both the organization
and its employees are probable targets. Then take the proper precautions; research email spoofing
solutions that will work well with the organization.
- Beware of links. The likelihood of a
spear phishing attack using a link – which downloads potentially dangerous malware – is a
high probability and can be mitigated using commercial software available today.
- Education. While email security
solutions are necessary, so is educating employees to minimize human error. There are firms that do
this for companies and have remediation programs that can be used in the fight against these
attacks.
- Use messaging intelligence.
Organizations can build this internally and there are solutions available. These solutions usually have
access to black lists and other resources that internally developed systems might not have.
- Turn up the volume. Well, maybe not
the volume per se, but turn up the sensitivity of the spam filters. Many organizations have
multiple spam filters that use different data repositories and algorithms to stop these malicious
attacks. Deploying a whitelist service in tandem with increasing the spam filter sensitivity
will provide comprehensive support.
There are solutions available today can
fight against spoofing, provide messaging intelligence and authenticate the integrity of the email
senders. With solutions like these available, organizations have no excuse for not taking the first step
in preventing malicious emails from ending up in employees’ inboxes. The responsibility resides on
organizations to implement proper security solutions and educate
employees to effectively combat spear
phishing attacks.
By Michael Knight, VP Solution Services
Michael Knight works as a senior
architect and technology advisor with responsibility for insuring successful TrustSphere implementations.
He works closely with customer and partner accounts in various industries such as financial
services, banking and insurance. Prior to joining TrustSphere, Mr. Knight was at Cassatt, where he worked
in the office of the CTO, leading technical teams for the creation of
private clouds within some of the largest data centers in the world.
Mr. Knight has nearly 20 years of history working in IT software and
infrastructure management, leading senior solutions architect and
residing on technical teams working with the five largest banks in
the world and the four largest insurance carriers in the U.S. Working
closely with CTOs and in various leadership roles, Mr. Knight has
focused his career on early stage software technologies surrounding
security and standards based application development using Java and
newer development paradigms including Service Oriented Architectures.
Mr. Knight holds a B.S. in Electrical Engineering from Boston
University and a M.S. In computer science from MIT.
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.
