91% of Cyber Attacks Start with a Phishing Email
Phishing itself is where a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information. This normally includes banking details, credit cards, passwords, access to other sensitive data (databases of addresses etc) and even sometimes urgent requests for payments and services.
The information is then used to access important accounts and can result in identity theft, financial loss and sometimes limit access to business critical services.
Unfortunately, even the most advanced technology won’t stop every phishing attack, as whilst good IT equipment and services will capture phishing attempts, some will still get through to a user.
It’s essential for all business and personal users to understand the most common types of Phishing.
How do we combat against this?
We would recommend that you speak to us about adding Microsoft’s Advanced Threat Protection (ATP) to your Office 365 services. ATP is an email filtering service that provides additional protection against advanced threats, in Microsoft’s words it “Protects your organization against sophisticated threats such as phishing and zero-day malware and automatically investigate and remediate attacks”
Now in English – Office 365 already provides protection against the bad guys but the bad guys are getting cleverer and there are more of them! There are over 1 million new threats released every day! What ATP does is holds emails on the Microsoft servers (in a detonation chamber, see IT can be cool!!) and scans them in real time. If the mail is identified as being from one of the bad guys and has unsafe links or attachments, they don’t send them to you (blow’s them up!), but if it is from a one of the good guys, (like you and I) they send them to you as usual!
If they are identified from bad guys and has unsafe links or attachments, they don’t send them to you (blow’s them up!), if they are from good guys they send them to you as usual!
Unfortunately, this is not enough as even the most advanced technology won’t stop every phishing attack, as whilst good IT equipment and services such as ATP will capture phishing attempts, some will still get through to a user.
The best form of defence Is knowledge on phishing and digital guardian (sorry American based!) has an excellent breakdown of just what the many forms of phishing are and how to stop it. If you do one thing from this week, please take some time to read, understand and distribute this infographic.
Infographic by Digital Guardian