Even if you have a state-of-the-art firewall and every anti-virus module available to protect your network, your organisation could still be hit by a phishing attack. Why?
Firstly, well done on taking steps to protect your network from external attack! Those protections are very important in stopping hackers from breaching your firewall and planting malware on your network. However, when a mailbox is compromised and then used to send out spam or malicious emails, it is most often the result of a phishing attack rather than a direct hack: nobody broke in, somebody logged in with credentials a user had handed over.
Here is why phishing is different from brute force or other direct attacks:
- Ease of execution
  - Phishing: the ‘soft option’ for attackers is to trick someone into giving away their credentials via fake login pages, malicious links or emails. Note: the link in such an email need not point to anything malicious (which security products identify more easily); it may simply lead to a form that asks you to enter your credentials, so URL scanning alone will not catch it.
  - Direct hack: breaking into accounts without user involvement usually means finding and exploiting a vulnerability in the email service or infrastructure, which is harder and less common.
- Lower technical barriers
  - Phishing: doesn’t require advanced hacking skills. Tools to craft convincing phishing emails and fake login pages are readily available.
  - Direct hacking: requires expertise, tools and often knowledge of specific vulnerabilities.
- Scale
  - Phishing: campaigns can target thousands of users at once, increasing the likelihood of success. If one person is fooled, the attacker gains access.
Simply put: if you owned an apartment block with a sophisticated door entry system, but one of the tenants inadvertently gave their personal key to someone, a burglar could just walk in! The level of access that tenant had determines how many areas the burglar can reach. Your security systems didn’t fail; the burglar was essentially invited onto the property through legitimate means.
At best, one apartment could be burgled. If the caretaker gave his key away, it could be much worse!
Behaviour of Compromised Accounts
- Attackers commonly use stolen credentials from phishing attacks to:
  - Log into email accounts.
  - Send phishing emails or spam from the compromised account.
  - Propagate attacks within an organisation (e.g. internal phishing using the trusted sender’s email).
- These actions are rarely part of direct hacks, which are more targeted and deliberate.
![https://www.freepik.com/ mailbox](https://www.isltechnology.co.uk/wp-content/uploads/2024/12/doodle-mailbox_1034-532-e1734346438949.jpg)
What can you do?
At ISL, we have partnered with a company called Boxphish, who send ready-made email phishing simulations to your staff and present the results in a comprehensive reporting suite (or you can create your own simulations).
- Step 1 is to find out how susceptible your business is to attack. Should an employee click on a simulated phishing email, Boxphish offer educational landing pages with top tips on how to spot the next one.
- Step 2 is to educate your staff. You can enrol your employees onto automated learning journeys that deliver regular, friendly, video-based training.
- The training content follows best-practice cyber advice released by the National Cyber Security Centre and is updated regularly.
- Please call or email us if you’d like more information.
![](https://www.isltechnology.co.uk/wp-content/uploads/2024/12/Boxphish_logo_colour_TM.png)