Until recently, phishing was considered as one among the threats affecting inexperienced users. However, as technology advanced, the scale of phishing attacks increased rapidly making it a serious menace against which traditional defense tactics come a cropper. Today phishing has evolved to encompass a variety of tactics to lure users. This includes spear phishing, long lining and whaling. If procuring credit card and identity information were the objectives of phishers earlier, today it includes corporate information, intellectual property and sensitive information regarding national security. As per Gartner’s 2012 Magic Quadrant for Secure Email Gateways (SEG), "Phishing attacks continue to oscillate, while more targeted phishing attacks increase. Better protection from targeted phishing attacks is the most critical new inbound protection capability, but only a few vendors have advanced the state of the art against these attacks." Phishing is a social engineering attack where phishers play with the emotions of the people to get what they want. The increases seen in phishing attacks show the gullibility of the people. Since people easily fall for it, phishers target users to attack the systems they use instead of attacking the systems directly. Therefore, security measures like firewalls, encryption software, and certificates fall flat since in most cases they fail to prevent people from being duped. One of the best means to prevent phishing attacks is to deploy anti phishing software that address not just technology but also process and people risk. A strategic phishing attack specifically targets these two areas, as phishers are well aware that these are the most difficult zones to guard. But how does anti phishing software work and how it helps to deal with people and process risks? The automated tool is first installed internally within the organization, tailored with information about people, processes and technology. It then launches a customized phishing attack at the target audience and tracks their responses. Social behaviors towards the attack are analyzed and a detailed report is then generated. The anti-phishing software provides statistics on user behavior, measures security awareness among employees, identifies data leakage, assesses Data Loss Prevention (DLP) programs and tests the incident response program. When the test is over, a personalized e-mail is sent to each individual, informing him or her about his/her responses and what should be the ideal action. In addition, an e-learning module further educates the user on security awareness. Thus, with this solution, organizations can diagnose risks for specific divisions as well as for their entire business. Statistics show that the total number of phishing attacks rose to 445,004 in 2012, which is a 59 percent increase from total number of attacks in 2011. Therefore, as explained above, deploying anti phishing software that address people and process risk can help to combat phishing attacks effectively. Read More About: Plug-In Stops Phishing Attacks, Protect Against Phishing Scams, Automated Anti Phishing Software Tools, Enterprise Spear Phishing Attack
Related Articles -
Plug-In Stops Phishing Attacks, Protect Against Phishing Scams, Automated Anti Phishing Software Tools, Enterprise Spear Phishing Attack,
|