Phishing remains one of the most widely used techniques for gaining unauthorized access to valuable company information and computer systems.
In this NNIT Security Insights article we provide you with an introduction to phishing and the measures you and your organization can take to help protect against the risk of a phishing attack.
Imagine you are sitting at your PC and an email notification pops up on your screen. The email appears to be from your local parcels delivery service. As far as you can remember, you haven’t ordered anything, but the email convinces you to click and open the attached file.
This is an example of a typical phishing case, where the attacker aims to deceive the recipient into carrying out an action or divulging information which can then be used to carry out more extensive attack activities.
Attackers tend to send emails to large numbers of random users in the hope that at least some of the recipients will click on the provided links or open the attached files, which then gives the attacker a foothold on the affected systems. According to Verizon, up to 13% of people tested clicked on such a phishing attachment, and it only takes one person’s click for an attacker to be successful.
This is taken a step further in spear phishing, a method which is often used as part of an Advanced Persistent Threat (APT) attack. In this method, recipients, typically people in key organizational roles, are identified through social media and other publicly available information. Attackers then craft targeted and convincing emails to get the recipients to disclose computer credentials or open attached files.
Phishing emails are increasingly being used as a vehicle for distributing malware payloads, such as ransomware. They are also used to distribute keyloggers, which capture credentials, and remote access tools (RATs), which attackers use to gain full access to compromised PCs and then move deeper into the targeted organization’s network.
In order to minimize the impact of a phishing attack on the business, consider including the following mitigating actions:
By taking action now, businesses will be able to reduce the likelihood of being affected by a phishing attack and/or minimize disruption following an outbreak.
Do you have anything to add? Do you think anything is missing? Please let me know and share your comments!
NNIT Security Insights is a regular column where prominent NNIT IT security advisors share their thoughts on current and future IT security challenges and how to deal with them.
NNIT has its own Computer Emergency Response Team (CERT). If lightning strikes, we have the necessary competencies in-house to respond and assist. We have also developed a range of services that can help businesses achieve the right level of security protection, shielding the business from financial and reputational damage.
You are welcome to contact us at firstname.lastname@example.org if you want to know more about how NNIT can help your business increase its information security level.