Spoofing and Spear Phishing | Traditional Solutions are Not Enough
Receiving spoofed emails is a nuisance, irritating and inconvenient, but generally spoofed emails are easy to identify and recipients delete these emails – making spoofed emails irritating but practically harmless. But cybercriminals don’t stop at spoofed emails. These savvy individuals are constantly trying to improve their tactics and businesses need to keep pace. When cyber criminals craft targeted spear phishing emails, spoofing can become a potentially dangerous event.
Despite the overall decrease in the volume of spam reported, the number of spear phishing attempts have increased dramatically, pushing spear phishing to top of mind for IT professionals. With the increase in hyper-personalized spoofed emails, the question remains, whose responsibility is it to prevent spear phishing attacks from succeeding, employees or the organization?
Many individuals think that the onus of preventing cyber attacks, including spear phishing attacks, rests on the employees not the organization. However, this stance is a dangerous one to take; employees cannot solely be held responsible for successful spear phishing attacks.
Underestimating cyber criminals can be very costly to business operations; the responsibility to keep an organization’s assets safe does not fall on its employees. The fact is there are solutions available and
precautions organizations can take to minimize the spear phishing attacks seen by employees.
The basic anatomy of all spear phishing attempts includes a call to action; the recipient is prompted to click on a link, call a number, or open an attachment. Spear phishing attacks are generally executed at
the end of the quarter in the evening and are constructed in a way that requests the recipient to act.The uncanny (and well thought out timing) coupled with spoofing, or the attacker pretending to know
the individual, makes spear phishing emails a viable threat to an organization.
There are five steps organizations can take now to minimize targeted attacks:
- Accept that both the organization and its employees are probable targets. Then take the proper precautions; research email spoofing solutions that will work well with the organization.
- Beware of links. The likelihood of a spear phishing attack using a link – which downloads potentially dangerous malware – is a high probability and can be mitigated using commercial software available today.
- Education. While email security solutions are necessary, so is educating employees to minimize human error. There are firms that do this for companies and have remediation programs that can be used in the fight against these attacks.
- Use messaging intelligence. Organizations can build this internally and there are solutions available. These solutions usually have access to black lists and other resources that internally developed systems might not have.
- Turn up the volume. Well, maybe not the volume per se, but turn up the sensitivity of the spam filters. Many organizations have multiple spam filters that use different data repositories and algorithms to stop these malicious attacks. Deploying a whitelist service in tandem with increasing the spam filter sensitivity will provide comprehensive support.
There are solutions available today can fight against spoofing, provide messaging intelligence and authenticate the integrity of the email senders. With solutions like these available, organizations have no excuse for not taking the first step in preventing malicious emails from ending up in employees’ inboxes. The responsibility resides on organizations to implement proper security solutions and educate
employees to effectively combat spear phishing attacks.
By Michael Knight, VP Solution Services
Michael Knight works as a senior architect and technology advisor with responsibility for insuring successful TrustSphere implementations. He works closely with customer and partner accounts in various industries such as financial services, banking and insurance. Prior to joining TrustSphere, Mr. Knight was at Cassatt, where he worked in the office of the CTO, leading technical teams for the creation of private clouds within some of the largest data centers in the world. Mr. Knight has nearly 20 years of history working in IT software and infrastructure management, leading senior solutions architect and residing on technical teams working with the five largest banks in the world and the four largest insurance carriers in the U.S. Working closely with CTOs and in various leadership roles, Mr. Knight has focused his career on early stage software technologies surrounding security and standards based application development using Java and newer development paradigms including Service Oriented Architectures. Mr. Knight holds a B.S. in Electrical Engineering from Boston University and a M.S. In computer science from MIT.
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.