One of the more technical terms we use in our industry is “phishing”. In security circles, phishing refers to criminal activity that uses email carrying a message designed as bait for an unsuspecting user to click on. Phishing is the number one method used by criminals to distribute ransomware.
Criminals put together phishing campaigns much as a company might run a marketing campaign to sell its products and services. Depending on the sophistication of the criminal, the phishing email may be poorly constructed with obvious flaws, or it may be a carefully constructed message meant to mimic a legitimate email. Criminals have access to email lists and to tools for creating the phishing email content and the ransomware software.
The better and more targeted the list, the more the criminals pay per email. In the most sophisticated phishing campaigns we have seen, the phishing emails look like emails sent within a company from a manager to a subordinate. Many phishing campaigns are now role-based, with the criminals targeting Human Resources or Accounts Payable personnel.
DeckerWright Corporation uses a multi-layer approach to protecting our clients’ data. Every email is checked by a spam filter before delivery, so most phishing attempts never reach the client’s inbox. For phishing emails that make it past the spam filter, the filter modifies the email so that any embedded URL is checked by the service when it is clicked. If the URL is malicious, the spam filter service won’t let the client reach it. We also run AV software and malware protection on each PC.
As part of the new Compliance Security Service (CSS), DeckerWright is now offering to send phishing emails to test users. If a user clicks in the email, they are redirected to a training website where they can review training material on how to spot and avoid phishing emails. The CSS also includes a Security Information and Event Management (SIEM) tool that monitors network traffic looking for bad behavior. The SIEM includes log file storage that would allow us to go back in time to determine the root cause of a criminal attack.
Current clients receiving Business Security Services can add any of the components included in the Security Service bundle as an option. The Compliance Security Service bundle provides significant savings if the client needs or wants all of the services necessary for regulatory or contractual compliance.