[BreachExchange] How to Protect Your Organization from Spear Phishing

Audrey McNeil audrey at riskbasedsecurity.com
Thu Jul 12 19:37:28 EDT 2018


http://www.cyberdefensemagazine.com/how-to-protect-your-organization-from-spear-phishing/

In April 2018, IT Governance reported that 75% of organizations have
experienced “at least one” phishing attack. While most businesses are used
to dealing with spam—it often seems like getting spam is a rite of passage
for anyone with an inbox—the types employees are used to range from random
ads and “last chance” sales to cold emails from strangers they don’t know
and foreign bank transfer requests.

Spam may be annoying, but the emails are usually harmless. Most people know
what questionable messages look like: they don’t recognize the company or
the sender, the copy is riddled with spelling errors and odd language, or
the requests have questionable files attached. The majority of email users
know to simply delete them.

Unfortunately, spear phishing is a different threat altogether. Not only do
these attacks threaten the security of an organization’s sensitive data,
they’re often a lot harder to detect. Attackers have upped their game.
They’re able to spoof email addresses that look like they’re from the
business they’ve targeted (e.g. ceo.jsmith@yourcompany.com), and the
messages are often filled with reasonable requests or attachments, like an
order form for a company accountant.

Yikes. No wonder the percentage of employees who have fallen for phishing
attacks is so high.
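As an added, defender-side illustration (not part of the article or its author's work): a header-only triage that sorts a From: value into the sender categories the paragraph above describes, using the article's example domain yourcompany.com as a stand-in for the organization's real domain. The sample headers are constructed; the regex, the category names and the edit-distance threshold are assumptions of this example.

```python
import re
# "yourcompany.com" is the page's example domain, standing in for the real one (assumption).
ORG_DOMAIN = "yourcompany.com"
# Split headers ourselves so an "@" inside the display name cannot confuse the check.
ANGLE_ADDR = re.compile(r"^(?P<display>.*?)\s*<(?P<addr>[^<>]+)>\s*$")

def split_from(from_header):
    """Return (display name, address) for a From: header value."""
    m = ANGLE_ADDR.match(from_header.strip())
    if m:
        return m.group("display").strip().strip('"'), m.group("addr").strip()
    return "", from_header.strip()

def edit_distance(a, b):
    """Levenshtein distance, to catch typo-squats such as 'cornpany' for 'company'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, org_domain=ORG_DOMAIN):
    """Classify a From: header relative to the organization's own domain."""
    display, addr = split_from(from_header)
    local, at, domain = addr.rpartition("@")
    if not (at and local and domain) or addr.count("@") != 1:
        return "malformed"
    domain, display = domain.lower(), display.lower()
    org_label = org_domain.split(".")[0]            # "yourcompany"
    labels = domain.split(".")
    sender_label = labels[-2] if len(labels) > 1 else labels[0]
    if domain == org_domain:
        # Looks internal, but only SPF/DKIM/DMARC alignment can confirm it:
        # a header-only check cannot tell a real message from a forged one.
        return "same-domain"
    if org_domain in display or org_label in display:
        return "display-name-spoof"   # our name shown, someone else's mailbox
    if (org_domain in domain or org_label in sender_label
            or edit_distance(sender_label, org_label) <= 2):
        return "lookalike"   # second-level label only; ccTLDs (.co.uk) need a suffix list
    return "external"

# Constructed sample headers; classify_sender(h) for each gives the four categories above.
SAMPLE_HEADERS = ["J Smith <ceo.jsmith@yourcompany.com>",
                  "J Smith <ceo.jsmith@yourcornpany.com>",
                  "ceo.jsmith@yourcompany.com <billing.dept.8812@example.net>",
                  "Accounts <invoices@yourcompany.com.mail-secure.net>"]
```

A "same-domain" result is not a pass: the article's point is that attackers spoof the real domain, so that case still needs DMARC alignment at the gateway, which this check does not perform.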

Thankfully, it is not impossible to protect your organization and secure
your information. Here are four easy steps you can follow to keep phishing
emails from doing damage to your business.

1. Install the latest security patches for your OS

Check your operating system frequently for new security patches. While OS
patches aren’t always created specifically for phishing threats, they will
help you avoid vulnerabilities in your organization that could give a
successful phishing attack access to critical company data.

For Windows users: Microsoft releases updates to their OS often, especially
if they’ve identified a potential security concern and want to protect
their users against it. Versions like Windows XP are also updated on
occasion if there’s enough risk to warrant it—good news for those who still
use unsupported versions.

For macOS, Linux, AIX, and VIOS users: These operating systems also receive
frequent patches to ensure the best protection against potential gaps in
security. Updates are released as industries predict new cyberattacks, so
make sure your customer-facing and internal systems are always current with
the latest security patches for your particular OS.

2. Encrypt sensitive company information

Use strong file encryption practices in your organization to better
safeguard company data from prying eyes. Along with a trustworthy secure
file transfer solution, encryption will protect the files you send to your
databases, cloud environments, trading partners, and customers, making it
difficult for hackers to decrypt any information they get their hands on.

Here are a few examples of things you should encrypt. Successful encryption
will limit the scope of damage a phishing attack could have across your
business.

- Hard drives
- Cloud storage
- Passwords and security questions
- Internet activity (by using a VPN or masked IP address)
- External storage like USB drives or hard drives
- Files like business contracts, audit reports, and tax documents

A managed file transfer solution can guard your files in transit and at
rest using modern encryption technologies. Good MFT software helps ensure
that you stay up-to-date with the latest encryption standards, while making
your file transfers simple to track, manage, and audit.

3. Protect your accounts with multi-factor authentication

Organizations around the globe have implemented multi-factor authentication
(MFA) as part of their cybersecurity framework. Some companies let
customers choose if they want to enable MFA on their accounts. Others,
especially those in industries that process personal data, require clients
to enter their password, their pin, and a mobile code in order to view or
manage their information.

If you haven’t already: Consider establishing multi-factor authentication
across your accounts for an extra layer of protection.

Multi-factor authentication helps ensure that anyone who accesses your
private data has been approved and verified by your servers. It works by
requiring at least two pieces of identification (say a username/password
combo and a randomly generated token), which makes it much harder for
hackers to compromise your systems, even if they already hold half of the
details needed to get in.

If we lived in a perfect world, passwords and security questions would be
impenetrable. But in reality, employees often use a small variety of
passwords across multiple websites and overshare personal data on social
media, compromising the integrity of their logins and security questions.

Our suggestion? Implement MFA at work and at home. It will give you an
extra layer of security against spear phishing and other types of attacks,
no matter where you are or where you go.

4. When you see suspicious email activity, ask first

If you receive a suspicious email from someone you trust, check that it
came from the sender before you interact with it. Stop by their office,
give them a call, or send them a separate email and ask if it was truly a
request from them.

It takes two minutes to establish whether an email should be trusted. While
it might interrupt a project or packed schedule, the detour to their office
is absolutely worth it. Hopefully, the email is legitimate and you can
respond with ease. But if it’s not, if the email is a carefully-concealed
phishing email, your IT team can now warn others in the organization of a
potential cyberattack.

Remember, always alert IT of suspicious email activity. If you received
something off-putting or strange, chances are other employees have too.

Spear phishing attacks happen every day. They’re a cybersecurity concern
organizations should be aware of and take measures against. But they don’t
have to be a problem if you take the time to update your operating systems,
encrypt your file transfers, secure your accounts, and report strange
emails to your IT department.