Building a Strong Phishing Defense

One of the most prevalent vulnerabilities that we exploit to get into clients' networks is susceptibility to phishing campaigns.

We aren't the only ones phishing corporate networks either: 66% of organizations experienced phishing attempts in 2020, according to Proofpoint's 2021 State of the Phish Report. Despite training and awareness campaigns educating users about phishing threats, these attacks are still one of the most tried and true methods employed by threat actors for a simple reason: they work. Which brings us to one of the most common questions our team encounters.

Outside of mock phishing and awareness campaigns, what other strategies and tactics are available to organizations to reduce their vulnerability to phishing attacks?

Increased Email Filtering and Security

Many of our clients are currently using Microsoft's Office 365 as their email exchange service. Office 365 is a great service; after all, it has some incredible team collaboration tools that are just hard to beat. However, Microsoft's E5 security services for Office 365 leave a lot to be desired. This is worrying considering that 94% of attacks on organizations start with email. Another worrying statistic that was brought up in a recent Mimecast seminar is that 28% of emails delivered after being scanned by Microsoft's E5 security are spam, phishing, malicious files, and ransomware. This statistic also applies across the different organization segments, ranging from small businesses to enterprises. Because of this, we suggest that companies add another layer of security to their email services, as well as an increase in user training and awareness. While technology will never fully prevent phishing emails from getting through, the combination of educated end users and strong filters is a great start to protecting your organization from phishing attacks.

While there are a number of vendors and services out there, Mimecast is the preferred platform that our team uses internally, as well as the one that we suggest clients utilize. Mimecast specializes in cloud-based email management for Microsoft Exchange and Office 365, with the email security service covering email filtering as well as user training, helping to lower the effect of phishing attacks on your users. The service protects users by running on top of Microsoft Exchange and O365 and helping to identify malicious emails. According to Mimecast, their service is able to find an additional 28% of emails that passed through Microsoft's E5 security that can be identified as spam, phishing, malicious files, or ransomware. Mimecast acts like a sandbox, stopping messages at the perimeter so that possible threats do not reach the actual mailbox environment. However, this is only one of the four attack vectors that Mimecast defends against.

The next attack zone that is protected is inside the mailbox and network of an organization. These attacks typically target users, and so Mimecast offers their Security Awareness Training to help mitigate this risk. It is also worth noting here that organizations that provide engaging security awareness training to their employees are five times less likely to suffer an attack. The next zone is beyond an organization's inbox and deals with email domain spoofing and brand exploits, where attackers pose as an organization by imitating either a style or domain name to trick users into trusting them. The last zone deals with APIs and connected ecosystems. This covers security that can extend and integrate with other security controls, giving an organization protection through their integrated solutions and services.

Improved User Training

In addition to email filtering, the other suggestion we have is increased user training, as human error is something that malicious actors depend on in order to get into networks. Even with a great email filtering system, attackers are still able to get some content through and can lead unknowing users to activate an attack. Evaluate your current training program and have a combination of security awareness materials that support your mock phishing campaigns. When developing your simulated phishing attacks, take the time to make them complex and relevant to your employees. Remember, if your end users aren't trained to be ready for an attack, neither is your organization.

How Can Schneider Downs Help?

If you have any questions, we are here to help! In addition to our services and software solutions, our team offers a diverse library of complimentary cybersecurity resources including case studies, whitepapers and security awareness materials. You can browse the library at rnvg.jkchealthtech.com/cybersecurity/resources.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, please visit rnvg.jkchealthtech.com/cybersecurity or contact the team at [email protected].

If you suspect or are experiencing a network incident, our Incident Response Team is available 24x7x365 at 1-800-993-8937.

Want more cybersecurity content? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, for the latest insight and news in the cybersecurity world.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we're especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you'll share it with us. After all, a dialogue is an exchange of ideas, and we'd like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

©2024 Schneider Downs. All rights reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.
