How to protect against a phishing attack

Protect against a phishing attack

Dec 11th 2020

How to protect against a phishing attack

Phishing attacks are not exclusive to a certain type of business or profession. They can happen to anyone and most people have received a phishing email in their lifetime. Phishing attacks can negatively affect your business if unprotected. Defending against phishing can be achieved with some efficient and effective control measures for your team and devices.

 

What are phishing attacks?

Phishing attacks occur when a malicious actor intends to trick users into carrying out an unintended action. This type of attack can be used to download malware onto a device or send users to a suspicious website that malicious actors may use to obtain your personal or company information, such as user credentials.

One of the most convincing elements of a phishing attack is its ability to stay relevant to current events. Malicious actors use news and often financial-related topics to draw users in. Phishing attacks can be carried out using a text, phone call or on social media, but most commonly, via email. Phishing via email means senders can access thousands, even millions, of targets directly. The intention is for these emails to look official and urgent to make them difficult for users to ignore and develop suspicion, encouraging them to follow the malicious instructions within the email.

 

Why do you need to protect yourself?

The intention of a phishing email is not clear upon opening. Some actors may send an email to millions of people hoping to get some intellectual property, such as passwords. More sinister actors may engage in a phishing campaign against your organisation specifically, which is commonly referred to as “spear phishing”. It is important that your business is protected against phishing attacks to prevent the negative impact it may have on your reputation, financial position, employees and customers. 

Protecting your organisation from phishing attacks ensures you can mitigate risk while minimising disruption to your business and productivity. Putting protective measures in place ensures your users can identify a phishing email and makes it difficult for malicious actors to reach your end-users. It is important to help your users understand the impact of a phishing attack if it goes undetected and how to report one to ensure it does not reach this stage. A quick response to any suspected phishing incident is crucial to minimise the impact of a successful attack as much as possible.

Protective measures should be a combination of user training and technical controls. This will ensure that you are adopting a defence in depth approach to building resilience against  phishing attacks. This should ensure that you have multiple opportunities to effectively detect and prevent a successful phishing attack. The evolving nature of phishing attacks means it will not always be possible to stop them, but your awareness and knowledge will ensure you can plan and mitigate risk accordingly.

 

Here are 3 ways to protect against phishing attacks:

 

1. Train your users to identify and report phishing

As discussed, training is a crucial part of phishing protection. Users naturally open emails and click on links during the day as part of their work and personal duties. It is not often that everyone vigilantly checks each email before opening it. As phishing attacks are getting more sophisticated and realistic, it may be difficult to identify every attempt. Our blog post dissects a real phishing email and shows you how to spot the different elements that can be used to identify suspicious emails.

Training your users to understand the common tactics used in phishing emails will ensure they can spot when emails are official and when they are not. Make sure your users know the impact of phishing attacks and the benefits of sufficient protection. They should also know when and how to report an attack or suspicion. Having an open and honest reporting culture will help your users feel like they can report an incident without being blamed or punished.

 

2. Secure and configure your devices and accounts

Technical protection can be achieved by securing your user devices. As malware is often downloaded onto devices when sinister links are clicked, you should ensure anti-malware is in place and your devices are well-configured. This will reduce the likelihood that common malware is executed on a device even if a link is clicked by the end-user. You should keep this software up to date so your device can remain protected.

You can also implement software that automatically blocks suspicious websites. Even if an email link is clicked, if the browser cannot open the website the attack cannot continue. Most browsers will block sites if they are known for phishing or malware. Two-factor authentication will also add another layer of protection to user accounts, should a user’s password be compromised. 

 

3. Protect your email addresses and filter incoming emails

Filtering and blocking phishing emails is a great way to protect against attacks. Mail filtering software prevents malicious emails from reaching your users’ inboxes ensuring that they cannot open it. It also helps to maintain user productivity as less time is spent going through emails and raising alerts for suspicious activity. Emails can be filtered or blocked using IP addresses, domain names, blacklists or attachment types. Whether you want to filter or block emails depends on the needs of your organisation, and may need to be reviewed depending on how your business operates.

One common phishing tactic is to replicate official emails to make it look like it was sent by a trusted and reputable organisation. This makes it harder for your users to identify a malicious email compared to a reliable one. Configure your mail filtering solution to check for anti-spoofing controls such as DMARC, SPF and DKIM, which makes it difficult for fake emails to be sent to your domains. 

Regular simulations should be performed to maintain awareness and identify additional training requirements. Sentrium can help to protect your organisation from phishing attacks. We simulate phishing attacks and provide detailed metrics to aid your organisation in building resilience. Our simulations can be tailored to the frequency, targets and content of the phishing attacks. This supports your organisation to become more sophisticated against phishing attacks as you improve with training and practice.

Introduction to Windows 11 (Beta) Security

Introduction to Windows 11 (Beta) Security

HTTP/3 and QUIC: A new era of speed and security

HTTP/3 and QUIC: A new era of speed and security?

Microsoft reports open redirection phishing tactic

Microsoft reports open redirection phishing tactics

Fortinet WAF allows remote code execution

Fortinet WAF allows remote code execution

Microsoft Exchange Bugs

Microsoft Exchange Proxy Vulnerabilities

PetitPotam: Windows AD CS NTLM Relay Attack

PetitPotam: Windows AD CS NTLM Relay Attack

What to do after your penetration testing report

What should you do after your penetration testin...

What is penetration testing and why is it important to use a CREST-approved provider?

What is penetration testing and why is it importa...

How secure use of the cloud can transform your business

How secure use of the cloud can digitally transfo...

How to prepare your business for secure cloud migration

How to prepare your business for secure cloud mig...

What is crest and how does it benefit you?

What is CREST and what are the benefits of using ...

How can the 10 steps to cyber security help to protect your organisation?

How can the 10 steps to cyber security help to pr...

The importance of cyber security

Celebrating Sentrium’s contribution to cyber secu...

What is OWASP Application Security

What is OWASP application security?

Pentration testing report

What should you do after your penetration testing...

Secure data in cloud computing

How to secure data in cloud computing

The Security risks of cloud computing

What are the security risks of cloud computing?

Maintain security when employees work remotely

How to maintain security when employees work remo...

Identify and avoid phishing attacks

How to identify and avoid phishing attacks

Penetration testing

What is penetration testing and why is it important?
  • Left Arrow Icon
  • Right Arrow Icon