Phishing Emails Are Getting Smarter – Are You?
October 24, 2021
We’re all aware of the threat of phishing attacks. It’s sometimes assumed that technical minded people are invincible to phishing attacks, but even the most savvy can be duped. The latest phishing attack making headlines has a 90% success rate. You may be familiar with the standard phishing language below, but what about non-traditional methods?
Standard Phishing Language:
- Please see your invoice attached
- Click here to open your scanned document
- Your package has shipped – your shipping receipt is attached
- I want to place an order for the attached list
- Please verify this transaction
COVID Phishing Language:
- Password Check Required Immediately
- Vacation Policy Update
- Branch/Corporate Reopening Schedule
- COVID Awareness
- Free COVID Tests (from un-trusted source)
Top Tips to Not “Bite”
Brite’s partner, Proofpoint, presents their research on employee’s interaction with phishing emails in ‘The Human Factor’ report. This research shows that every organization has at least one user will click on a malicious email. To protect your organization, users, and data against the latest attacks we recommend the following:
- Invest in mail gateway solutions capable of detecting and preventing advanced attacks and those that do not involve malware. This step helps minimize the number of threats coming into the network. Once these threats are the network, malware and malicious traffic may be more difficult to detect and distinguish from legitimate business traffic.
- Never allow emails with attached executable code to be delivered. Likewise, do not allow people to share code over email. Enact simple rules that block .exe or .js attachments to prevent obvious malicious exploits from entering your environment.
- Deploy security solutions that can correlate activity across threat vectors. That capability gives you deeper insight into attacks to help you resolve them, block future attacks, and more easily detect those that do get through.
Have concerns if your organization is protected from phishing attacks? Contact us and we’ll connect you with a Brite representative.