The truth is that the prevalence of phishing emails is for one simple reason - they work.
People keep clicking the links and downloading the files, so why would hackers stop sending them? They're on the hunt for their next big trophy phishing catch and are waiting for you to take the bait.
This post covers the top targets that hackers have in their sights, the bait and tactics they use to catch them and the defensive solutions you need to have in place to protect your employees and customers.
Who are your organization's top targets?
Every layer of your business has a trophy target just waiting to get caught on the hacker's hook. The best way you can protect them is to know the type of bait that the hacker will try to use and educate them on how to spot those threats when they cross their inbox.
Here are the top 5 trophy targets for hackers:
Target 1. The CEO
It's easy enough for hackers to find information on a company. Just a quick search of the company page, or social media sites like LinkedIn, makes it easy for them to find the names and email addresses of members of finance or legal teams. A simple email with a spoofed email address from a clerk on the legal team and a subject line with the threat of a lawsuit is sure to make even a CEO click any link.Target 2: Finance
If the CEO asks you to do something, it's usually in your best interest to do what they're asking. So, if you're on the finance team and the CEO asks you to transfer some funds, why would you second guess that? Hackers understand this, which is why they'll often spoof an email from the boss to get quick action from any employee. If they take the bait and click the transfer link, they'll be handing account information right over to the hacker.Target 3. HR
Regardless of the standard practices, members of your human resources team are used to receiving resumes via email. And while they may not open every one, hackers know that if they craft the right email there's a chance that the HR team could open the email and download the attachment. From there, the hacker has access to sensitive employee information, including social security numbers, addresses, and phone numbers. They could even get access to healthcare information or 401k providers which can line them up for the next hack against your organization.
Target 4. Sales
Sales people are used to fielding emails and phone calls from prospective clients and customers. They're eager to respond to any email that comes through that could be the next big sale. It's easy enough for a hacker to find a sales person's information and they can be pretty confident that any email they send will at least be opened.
A credential theft from these users would provide access to customer lists, pricing sheets, and confidential information. Stealing their accounts will also allow for a new phishing attack vector to members of the finance, management and account teams who would trust emails from the salesperson.
Target 5. Operations
Shipping attachments for UPS and FedEx orders are another common way that attackers gain access to your business. Operations team members are used to receiving these types of emails with an attachment containing important shipping information. Subject lines like "missing package" are certainly going to get their attention. Hackers know that even if this part of your organization isn't expecting a shipment, they're still pretty likely to open that email and click that link or download that attachment.
How to Keep Off the Hacker's Hook
Having the right defenses in place can keep you, your employees and your customers protected. This requires security at every layer of your organization against known, unknown and evasive threats. A total security solution protects your business. Here's how:
Threat detection and response provides protection against ransomware attacks. Should an employee receive a phishing email that contains ransomware, a TDR solution will detect the threat and remediate it before encryption takes place.
An advanced persistent threat blocker detonates suspicious files detected on the network and host in a virtual environment to determine if they have malicious intent. If the file is malicious, it is quarantined from the user. This ensures that any phishing emails containing attachments will be detonated and determined malicious before ever being opened on a user's device.
A service like Watchguard DNSwatch monitors traffic and blocks access to known malicious sites. So when a user receives a phishing email and clicks the link trying to point them to a malicious site, DNSwatch steps in to make sure that the user isn't able to access the dangerous site. This service redirects users to a safe page that refreshes them on the warning signs to look out for with a phishing email.
Should a hacker gain access to your organization and find a way to steal user credentials, you need a way to ensure that even if they get those credentials they won't get very far. Multi-factor authentication (MFA) requires that a user have something they know, something they have like a code sent to their cell phone before they can gain access.
As a full-suite IT and cybersecurity firm, Restech can help with all of your security and IT needs. To learn more and get a free cybersecurity assessment, contact us today.
Source: Watchguard Technologies