Since the beginning of 2020 there has been a noticeable spike in the amount of ransomware attacks recorded. Less noticeable however, has been that phishing attacks are also extremely widespread nowadays.
Phishing attacks aim to steal passwords and other login credentials that will unlock access to databases and, potentially, much more valuable private data. Particularly attractive for phishers are email credentials. For instance, a healthcare worker’s email account will often hold valuable healthcare data, health insurance details, and Social Security information. This range of information can be deployed to carry out identity theft or other fraudulent activity.
The start of most phishing attacks is when a phishing email is sent in order to try and trick the recipient into handing over access details for a database. There have been many different research studies completed that have indicated that phishing is one of the main threats facing groups. In the UK and the US, two recent surveys have revealed that 75% of companies had suffered a data breach in the last year while another study showed that more than 50% of IT management have witnessed a surge in phishing attacks in the past year.
Employee training courses are crucial in order to increase awareness of the phishing threat. The current trend towards remote working has made providing this a much more tricky challenge. Refresher classes must be conducted on an ongoing basis or vulnerabilities can come to the surface. Phisher often change their tactics and new trends must be made known to employees so that they know what to look out for. As phishing emails evolve and continue to look more and more realistic the challenge linked to spotting these attacks becomes all the greater.
Two of the best technical approaches to combating phishing attacks are spam filters and web filters. When used in tandem they can provide a strong forcefield to bolster cybersecurity measures and block all attempts to infiltrate your databases.
A spam filter must have specific features configured to tackle complex phishing threats. By using blacklists emails from known malicious IP addresses will be blocked. However, IP addresses can often be changed so machine learning approaches are required to tackle brand new phishing tactics and threats from IP addresses not regarded as malicious. Using multiple AV engines malware threats can be handled, while sandboxing can be used to identify spot malware straind. DMARC is also vital to take on email impersonation attacks, while outbound scanning is important for quickly discovering infiltrated inboxes. All of these features are used by SpamTitan, which is why the solution registers a high block rate (over 99.97%) and low false positive rate.
Web filters are mainly used to limit access to potentially dangerous websites, whether they are sites with pornographic content or malicious sites employed for phishing and malware transmission. Web filters, especially DNS-based filters, greatly enhance security in the face of threats. they will also prevent access to known malicious websites and block malware installations. WebTitan provides all of this and can easily be set up to safeguard remotely-based employees workers.
With phishing attacks are on the rise it is crucial for companies to configure solutions to address this threat. For more details on SpamTitan and WebTitan, and how they can make your company safer, contact TitanHQ now.