How to Manage the Increase in Phishing Attacks at Home and Business

Nowadays, when a company suffers an external attack, it usually starts with a phishing attack. This type of attack relies on human error, since every day workers open and act on dozens of e-mails and the links they contain. The threat of phishing increased markedly in 2020 due to the rise in remote working.

When 2020 ends, it will be remembered for the start of the Covid-19 pandemic and for a significant shift to the digital world thanks to teleworking from home. Remote work has gained great prominence, and laws such as the telework law have been passed.

Security awareness and human error

Phishing attacks pay off for cybercriminals. Launching one is as simple as emailing victims and waiting to see who takes the bait. These criminals take advantage of the fact that workers are human and that sooner or later they make a mistake. One way to improve this is security awareness training as part of a multi-layered defense strategy. That alone is not enough, however. Simulating attacks during training sessions is not always an effective way to learn, and the reason is simple: people do not necessarily retain the information, or not all that they should.

Another aspect to take into account is that we will always be more vulnerable to this type of attack when we telework, because we very likely do not have the appropriate filters and correct security settings at home. For example, companies can use proxies with traffic filtering to check for threats in real time. This is not possible at home unless we connect to the company via VPN and tunnel all traffic, both work and personal, so that it passes through the company's filters before going out to the Internet.

Teleworking from home also considerably increases the distractions we face. Thus, in training sessions carried out from our homes, it is not unusual to see participants fall for the same scam over and over again.

To mitigate the threat of phishing, a good option is to reinforce training with a lesson during a live attack. The moment someone clicks on a harmful URL, defenders must be able to block the attack at that same moment. They then have to show the worker what the cybercriminal was trying to do. In a sense, it is like pairing theory lessons with a real-life example.

Phishing attacks in companies

Most CISOs (Chief Information Security Officers) believe that the threat of phishing is a corporate email problem and that their current line of defense is sufficient. However, these CISOs are wrong. These attacks can easily evade email phishing defenses that rely on static reputation-based detection. For this reason, we often see them bypass the conventional first lines of defense to compromise a network.

The threat of phishing is based on impersonating large companies such as Microsoft, which currently occupies the number one position. We could also add other well-known ones such as Amazon, DHL, Zoom, Dropbox and Slack. Another thing to keep in mind is phishing aimed at mobile users, where the impersonated companies include WhatsApp, PayPal and Facebook. We must also take into account the different types of phishing that we can find today.
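The following sketch is an added example, not part of the original article. It contrasts a static reputation lookup with a brand-impersonation heuristic for the companies named above. The official-domain sets, the blocklist and the sample URLs are assumptions constructed for illustration, and the last-two-labels rule stands in for a proper Public Suffix List lookup.

```python
from urllib.parse import urlsplit

# Assumption: legitimate registrable domains for the brands the article names.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com", "microsoftonline.com"},
    "amazon": {"amazon.com"},
    "dhl": {"dhl.com"},
    "zoom": {"zoom.us"},
    "dropbox": {"dropbox.com"},
    "slack": {"slack.com"},
    "whatsapp": {"whatsapp.com"},
    "paypal": {"paypal.com"},
    "facebook": {"facebook.com"},
}

# Constructed static reputation list: it only knows domains already reported.
STATIC_BLOCKLIST = {"old-phish.example"}

# Undo common digit-for-letter swaps before looking for brand names.
LOOKALIKE = str.maketrans("0135", "oles")


def registrable_domain(host: str) -> str:
    """Simplification: last two labels (real deployments use the Public Suffix List)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def impersonated_brand(host: str):
    """Return the brand named in the host if the host is not on that brand's own domain."""
    reg = registrable_domain(host)
    normalized = host.lower().translate(LOOKALIKE)
    for brand, official in BRAND_DOMAINS.items():
        if brand in normalized and reg not in official:
            return brand
    return None


def triage(url: str):
    """Return (static_blocklist_hit, impersonated_brand_or_None) for a clicked URL."""
    host = urlsplit(url).hostname or ""
    return registrable_domain(host) in STATIC_BLOCKLIST, impersonated_brand(host)


if __name__ == "__main__":
    for url in (  # constructed sample URLs on reserved .example names
        "https://old-phish.example/login",
        "https://micr0soft-login.secure-portal.example/owa",
        "https://dhl.com.parcel-tracking.example/track",
        "https://login.microsoftonline.com/common",
    ):
        print(url, triage(url))
```

A substring heuristic like this produces false positives on unrelated names that happen to contain a brand, so treat a hit as a signal for warning or review rather than as a verdict.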

How to protect ourselves from the threat of phishing

To protect ourselves, we must take a comprehensive approach to defense against the threat of phishing, with multiple layers outside the firewall. It is necessary to protect mobile devices and PC / Mac endpoints with the implementation of end-to-end encryption. We must therefore be as concerned about the safety of workers who work from the company and are protected by its firewall as about those who work externally.

You also have to worry about the computers and credentials employees use for their personal and business accounts. For this reason, these computers and devices must be protected with the latest updates and appropriate security software. In addition, a preventive security policy must be established; AI-enabled defenses are already available to combat attacks. Finally, these attacks sometimes inevitably elude all defenses, and we must be prepared to respond. That means having a good incident plan, backed up by backup copies.