Cyber Threats: Phishing Attacks
Phishing Attacks are the primary vector for malware attacks and are usually comprised of a malicious e-mail attachment or an e-mail with a malicious link. Phishing e-mails typically, falsely claim to be an established or legitimate enterprise.
Once the malicious attachment or link has been opened, users are generally directed to a website or attachment which asks them to fill out or “update” personal information in the guise of familiarity. Obviously, this is where the attacker collects vulnerable information from the victim and gets away, unnoticed.
The Anti-Phishing Working Group (APWG) comes out with a quarterly report of phishing attack trends worldwide. In their 2016 Q1 report, the number of phishing websites observed by APWG increased by 250% from 2015 Q4. 20 million new malware samples were captured and the U.S. remained at the top of the list of nations hosting phishing websites. The amount of unique phishing e-mail reports- which were reported purely by APWG customers- reached 229,265 in March alone with 418 brands and entities reporting targeted attacks.
Phishing Attack Cast Study: Anthem Inc.
In 2015, Anthem Inc. insurance company got hit with a phishing attack, which compromised an estimated 80 million patients’ medical and credit card information. An attack of this magnitude is beyond newsworthy and was investigated, not only, by the FBI and Mandiant (a FireEye company dealing with digital forensic investigation and breach-response) but state insurance commissioners, attorneys general and a U.S. Senate committee. They all launched investigations and examined the breach to measure the healthcare industry’s preparedness for mitigating cyber threats. As if this massive breach weren’t enough, follow-up breaches were launched on the victims of the original attack.
Opportunistic cyber criminals took advantage of the victims of the first Anthem attack by sending a phony message “from” Anthem “informing” victims of the breach. The message used the Anthem logos and company branding with a subject line stating “Cyber Attack Against Anthem”. In the body of the message, the cyber criminals opened with an update about the data breaches and went on to say “Your trust is top priority for Anthem, and we deeply regret the inconvenience this may cause.” A sneaky and conniving message to unsuspecting clients.
Ultimately, the message ended with a malicious link having a call-to-action stating, “Click Here to Get Your Free Year of Credit Card Protection”. Brutal. You can read more details about the Anthem Inc. breaches here. Also, check out their feature in InformationWeek’s Phishie Awards here.
Defenses against Phishing Attacks
The easiest defense against phishing attacks is simple awareness training. Phishing e-mails are often easy to detect, if you know what you’re looking for. It’s important to point out that 77% of incidents, in 2015, having occurred via user interaction with malicious emails. Phishing emails often have a slew of grammatical and spelling errors and tend to ask for personal or credit information.
On top of that, it’s usually from a source which doesn’t typically require this information, already has the information or typically doesn’t direct the user towards external links via email. Aside from knowing what to look out for, removing administrator rights reduces up to 92% of the vulnerabilities present in a network. The next step would be to patch the operating system and application.
The ultimate product tool kit in defense against phishing attacks is:
- Patch Management of OS and third-party applications
- Managed Antivirus
- Web Protection
- Email Protection
- Managed Online Backup
- Mobile Device Management
All statistics above (Defenses segment) can be found in the LOGICnow Cyber Threat Guide.
Learn how to detect and mitigate cyber threats with our Cyber Threat Detection and Mitigation Certification Training Course!
Start your FREE trial today!