Phishing is one of the most effective ways of gaining access to corporate accounts and is the most common form of cybercrime. Phishing is most commonly conducted via email, although the attacks can be conducted via SMS (smishing), the telephone (vishing), or on social media websites and instant messaging platforms. Phishing is a form of social engineering that involves convincing a user to open a malicious attachment or disclose their credentials, with the latter usually occurring on a website, the link for which is included in the message.
The linked website – and the email – commonly spoof a trusted and well-known brand. In Microsoft phishing attacks, the user is given a seemingly legitimate reason for visiting the website, where they are presented with a login prompt that mimics the one used by Microsoft to access its services. If the user enters their login credentials they are captured and used by the attacker to access the user’s account. These scams often proceed without the victim being aware that they have been scammed and have disclosed their credentials.
Phishing attacks on businesses have been increasing. The Anti-Phishing Working Group recorded 1,025,968 phishing attacks in the first quarter of 2022, with 2021 seeing more attacks than any other year. In December 2021 alone there were 300,000 reported attacks. These attacks are not only increasing in number. They are also becoming much more sophisticated and harder for individuals and cybersecurity solutions to identify.
Businesses are discovering that the email security solutions they could once rely on are failing to block all threats. They will block the vast majority of phishing attempts, but due to the rapidly changing tactics of phishers, many phishing emails land in inboxes. One way to improve detection is to implement SpamTitan Plus.
SpamTitan Plus is TitanHQ’s flagship anti-phishing solution. The key to the success of SpamTitan Plus and its industry-leading protection is 100% coverage of all existing phishing feeds, whereas other solutions receive limited intelligence. SpamTitan Plus has massive clickstream traffic from 600+ million users and endpoints and several hundred billion local queries and 100 million cloud queries a day. That ensures the solution detects more than 10 million new phishing URLs every day, achieves a 1.5x increase in unique detections, and has 1.6x faster detections than the current market leaders.
With SpamTitan Plus, it takes just 5 minutes from the initial detection of a malicious, offending URL to protect all users’ mailboxes. All URLs are rewritten and followed to assess the website, and users will only be allowed to connect if the URL is verified as safe.
However, even with this market-leading solution, businesses need to do more. Phishing is so successful because it targets employees, who, being human, are prone to making mistakes. Businesses can reduce the susceptibility of employees to phishing by providing regular security awareness training. Employees should be trained on how to identify phishing attempts so that when a phishing email lands in their inbox, they will be able to identify it as such. Training should be accompanied by phishing simulations – dummy phishing emails sent internally to test whether employees can identify the malicious messages. These simulations are one of the most effective training tools, as they teach employees how to identify phishing emails when they are busy at work. After all, that is when they are likely to receive real phishing emails.
If an employee is fooled, the simulator is programmed to deliver instant training – a short module that explains where the employee went wrong, how they could have identified the phishing attempt, and what they should do when such an email is received in the future. This form of training in real-time in response to mistakes is very effective – more so than a classroom training session.
TitanHQ offers such a platform – SafeTitan – that delivers engaging, gamified training content in modules of 10 minutes covering all aspects of cybersecurity, and a phishing simulator for sending phishing simulations. SafeTitan is the only behavior-driven security awareness solution that delivers security training in real time.
As an added protection, all businesses should implement multifactor authentication. In the event of credentials being compromised, they cannot be used to gain access to an account unless an additional authentication factor is provided. Unfortunately, some phishing campaigns can bypass MFA controls and obtain one-time passwords through the use of reverse proxies. The phishing site makes a connection to the genuine website for which credentials are sought. When the credentials are entered on the phishing site they are relayed to the genuine site, and the MFA codes generated are captured in the same way, along with the session cookies that allow access to be gained to the account.
These attacks work on standard MFA. Businesses can improve protection by implementing phishing-resistant MFA. The gold standard for multifactor authentication is FIDO/WebAuthn authentication, with public key infrastructure (PKI)-based authentication another good choice.
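Why FIDO/WebAuthn holds up against a relaying proxy where a one-time code does not can be seen in the server-side checks below. This is an added example, not TitanHQ code; the relying-party ID, origins and challenge are constructed, and signature verification is assumed to be handled by a WebAuthn library.

```python
import base64
import hashlib
import json

# Assumed relying-party values (constructed for this example).
RP_ID = "login.example.com"
EXPECTED_ORIGIN = "https://login.example.com"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def check_assertion_binding(client_data_json: bytes, authenticator_data: bytes,
                            expected_challenge: bytes) -> tuple:
    """Origin, challenge and RP ID checks a server makes on a WebAuthn assertion.
    Signature verification (which protects these fields from tampering) is
    assumed to be done by a WebAuthn library and is not shown."""
    client = json.loads(client_data_json)
    if client.get("type") != "webauthn.get":
        return (False, "wrong type")
    if client.get("challenge") != b64url(expected_challenge):
        return (False, "challenge mismatch")
    if client.get("origin") != EXPECTED_ORIGIN:
        return (False, "origin mismatch")
    # authenticatorData: 32-byte rpIdHash, 1 flag byte, 4-byte signature counter
    if len(authenticator_data) < 37:
        return (False, "authenticator data too short")
    if authenticator_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return (False, "rpIdHash mismatch")
    if not authenticator_data[32] & 0x01:  # bit 0 = user present
        return (False, "user not present")
    return (True, "ok")

def browser_assertion(page_origin: str, rp_id: str, challenge: bytes) -> tuple:
    """Constructed stand-in for the browser and authenticator: the browser, not
    the page, records the origin the user is actually visiting."""
    client_data = json.dumps({"type": "webauthn.get",
                              "challenge": b64url(challenge),
                              "origin": page_origin}).encode()
    auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x01" + (1).to_bytes(4, "big")
    return client_data, auth_data

def demo() -> dict:
    challenge = b"constructed-challenge-0001"
    direct = browser_assertion(EXPECTED_ORIGIN, RP_ID, challenge)
    # User is on a look-alike domain that relays traffic to the real site.
    relayed = browser_assertion("https://login.example-sso.test", "login.example-sso.test", challenge)
    return {"direct": check_assertion_binding(*direct, challenge),
            "relayed": check_assertion_binding(*relayed, challenge)}
```

A one-time code carries no record of where it was typed, so the genuine site cannot tell a relayed code from a direct one; the WebAuthn assertion carries the visited origin inside the signed data, so the relayed login is rejected.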
With SpamTitan Plus, SafeTitan security awareness training and phishing simulations, and phishing-resistant MFA, businesses will be well protected from phishing attacks. For more information on SpamTitan Plus and SafeTitan, give the TitanHQ team a call, and take an important step toward defending your business against phishing attacks.