5 steps to reducing the risks of spear-phishing attacks
For most businesses today, email remains the main communication channel inside and outside the organization. It is also the primary channel used by cyber criminals for the distribution of malware, phishing, and other attacks designed to defraud individuals and corporations.
Not long ago, spelling mistakes and poor email design were the tell-tale signs of a phishing attack, but today, phishing is more sophisticated. Recent years saw a shift in email fraud from spam to targeted email phishing attacks. Fraudsters take time to research their victim’s organization and craft emails that appear to be legitimate and come from trusted sources. These spear phishing attacks target specific individuals, often with a personalized message, and are hard to distinguish from legitimate mail. Instances of spear phishing attacks are on the rise – 95% of all attacks on enterprise networks are the result of successful spear phishing attacks. Part of the reason for their success is that traditional anti-virus engines can’t detect and prevent these attacks.
There are a number of steps organizations can take to prevent or reduce risks associated with spear phishing attacks:
- Educate your employees. Addressing phishing threats requires more than building or deploying a security solution. Businesses need to invest in employee security awareness training to teach how to recognize and respond to phishing attacks. Intermedia’s security team runs an employee security education program called ‘Hacktober’ designed to simulate cyber threats to build awareness around phishing attacks. The program has seen great success, with significantly fewer employees clicking on a phishing email year over year.
- Filter your email and implement anti-phishing protection. Traditional email security solutions include anti-spam and anti-virus filters, which are great at mitigating known threats. Unfortunately, most of these solutions have no countermeasures for spear phishing emails. Since spear phishing emails usually contain no malware and are almost never spam, they often get past these traditional security filters. Effective anti-phishing protection should include checks for domain spoofing, impersonation, and the ability to flag suspicious content within externally originated email.
- Run frequent backups. Over 90% of phishing emails contain ransomware (malware capable of blocking user access to files and systems), making a successful attack hugely disruptive for your business. Organizations need to get users back to work quickly by getting them access to the latest versions of uninfected files. Having a cloud-based file backup solution is critical to keeping users productive during a ransomware attack.
- Deploy a Data Loss Prevention solution. CEO fraud or ‘whaling’ attacks impersonate an executive to trick the recipient into making a wire transfer or disclosing sensitive information such as W-2 forms. Data Loss Prevention offers outbound email protection against leakage of valuable, sensitive, and proprietary data. For example, your IT department can set up a policy to block outbound email containing W-2 forms.
- Keep software up to date. Running regular updates of both your operating system and security software helps to fix security vulnerabilities being exploited by hackers. While viruses might be delivered via email, they can spread across your network using gaps in security caused by outdated software. Next time a security update pops up, make sure to take a few minutes to ‘Install Now’ rather than selecting the tempting ‘Remind Me Later’.
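The anti-phishing checks named in the filtering step above (domain spoofing, executive impersonation, and suspicious content in externally originated mail) can be expressed as a small header-and-body inspection. This is an added example written for this article, not Intermedia's product code; the organization domain, the executive directory, the risky-phrase list and the sample message are all constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"  # assumed organization data, constructed for this example
EXECUTIVES = {"jane doe": "jane.doe@example.com"}  # display name -> real mailbox
RISKY_PHRASES = re.compile(r"\b(wire transfer|w-2|urgent)\b", re.I)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot look-alike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def analyze(raw: str) -> list:
    """Return the anti-phishing flags raised for one RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags = []
    external = domain != INTERNAL_DOMAIN
    if external:
        flags.append("external-origin")
        # Domain spoofing check: a sender domain only one or two edits away from ours.
        if 0 < edit_distance(domain, INTERNAL_DOMAIN) <= 2:
            flags.append("lookalike-domain")
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and reply_to.rpartition("@")[2].lower() != domain:
        flags.append("reply-to-mismatch")
    # Impersonation check: an executive's display name on a different mailbox.
    known = EXECUTIVES.get(name.strip().lower())
    if known and addr.lower() != known:
        flags.append("executive-impersonation")
    # Content check applied only to externally originated mail, as the article suggests.
    body = msg.get_body(preferencelist=("plain",))
    if external and body and RISKY_PHRASES.search(body.get_content()):
        flags.append("suspicious-content")
    return flags

# Constructed sample message showing every check firing at once.
SUSPICIOUS = """From: Jane Doe <jane.doe@examp1e.com>
Reply-To: ceo.private@mail.example
Content-Type: text/plain; charset="utf-8"

Please process an urgent wire transfer today and send me the W-2 forms.
"""
```

Running `analyze(SUSPICIOUS)` returns all five flags; the same message sent from the real mailbox with no Reply-To header returns an empty list, so the rules add no friction to ordinary internal mail.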
Even the best email security solutions will not provide 100% protection against email threats, so you also need a security response plan in the event of an attack to reduce downtime and the financial and operational impact on your business. Investing in technology and the education of your employees significantly reduces the risk and impact of cyber attacks.