sb-nz logo
Story image

How to ensure your organisation doesn’t get hooked by phishing scams

Security solutions provider Trend Micro wrote that three-quarters of targeted attack attempts use email as an attack vector, the number of unique phishing websites increased by 250% according to the Anti-Phishing Working Group.

The Symantec Internet Security Threat Report revealed that spear-phishing campaigns targeting employees increased 55%.

More troubling to security practitioners, phishing attacks have grown more targeted and dangerous, as the variety of attack methods continue to evolve and the number of threat actors proliferate. 

In its latest Internet Security Threat Report, Symantec also points out that a thriving criminal marketplace has made phishing campaigns easier to run.

This means that phishing scams have become more of a ‘when’ rather than an ‘if’. 

While many organisations recognise phishing as serious, they often struggle to obtain quality information about specific threats. 

Intelligence feeds built entirely through automation can introduce large amounts of extraneous information and make it difficult to identify real threats within a mass of materials. 

As a result, large amounts of human capital are expended searching through mountains of threat data. 

Consequently, by the time actionable information is located, the relevant threat information is either stale or the attack has already transpired and data compromise has potentially occurred.

This leaves a vital question, how can businesses respond to and stop invadable attacks before it’s too late? 

Actionable intelligence is driven by proper context, as not all threats require the same response.

Thus companies need a phishing-specific incident response plan.

Cofense Intelligence provides important context to drive decision-making, allowing responders to select the correct course of action based on attributes of the malware, such as when and where to act first. 

Response to ransomware should not be the same as a remote access tool, but without the supporting information, responders can find it difficult to assess the threat and know how to begin. 

Cofense Intelligence collects millions of emails from numerous remote sensors and these are compiled into vast collections that are then vetted by humans for the greatest accuracy. 

While there are many different providers of generalised threat intelligence, Cofense delivers phishing-specific, human vetted phishing intelligence. 

It delivers intelligence about specific phishing threats to provide the greatest level of relevance and focus on the largest culprit of breaches. 

Additionally, Cofense develops out-of-the-box integrations with partners like SIEM, network and endpoint security, and Threat Intelligence Platform (TIP) vendors to enable the automation and orchestration of your incident response. 

Cofense are the experts in this field and they can help organisations of all sizes defend against and prevent major phishing attacks. 

Contact Cofense here for more information.

Story image
Worldwide cybersecurity spending to increase 10% in 2021 — Canalys
This will contribute to a swelling of the valuation of the cybersecurity market, which is set to reach $60.2 billion this year.More
Story image
Palo Alto Networks advances attack surface management with Expanse
"By integrating Expanse's attack surface management capabilities into Cortex after closing, we will be able to offer the first solution that combines the outside view of an organisation's attack surface with an inside view to proactively address all security threats."More
Story image
Check Point exposes Android malware vendor using dark net to rebrand products
Check Point security researchers have exposed an Android malware vendor using a marketer on the dark net to rebrand its products, with the intention of supercharging business and throwing off security vendors. More
Story image
APAC secure content management market to hit $2.2 billion by 2024
The proliferation of cloud-based deployments will largely drive this, the report says, as the COVID-19 pandemic motivates more enterprises to move their workloads to the cloud and rely more on the internet. More
Story image
A brief history of cyber-threats — from 2000 to 2020
Many significant cybersecurity events have occurred since the year 2000 — not every one of them ‘firsts’, but all of them correlating with a change in security behaviour or protection.More
Story image
The current state of ransomware — and its future
Discoveries made by analysts at Sophos have unearthed a new development: ransomware code appears to have been shared across ‘families’, and some of the ransomware groups seemed to work in collaboration more than in competition with one another. More