
Phishing Emails: Every Employee Should Be Aware Of!

Cyber security 05/18/2020 - 12:41 by Ruchika Tyagi

Best Ways to Prevent Phishing Email Attacks

Phishing emails are a method used to compromise end users’ computers in order to gain access to the network or to steal sensitive information. This is done by sending employees a fake email (called a phishing email) that tries to dupe them into sharing confidential information such as bank account details, login names and passwords. The phishing email appears to come from a trustworthy source; for instance, it may claim that the user’s bank needs them to verify some information at a web link.

Even though the mail seems to have come from the bank, it has not. The link redirects the user to a different website, not the bank’s. The domain name looks similar (but it is not the same), and when the user enters data there, the hacker obtains the credentials and with them access to the user’s computer or network. Alternatively, the web link may deliver malicious code meant to gain access to the computer or the network by connecting it to a command & control server operated by the hacker.

One type of phishing attack is a spear phishing attack. It is a targeted attack in which the attacker researches the victim and includes what seems to be relevant information in the email, which makes it look more legitimate and trustworthy. For example, it might contain details of transactions, business meetings, or other such data. The email asks the person to take some action, such as transferring money or sharing credentials. This is particularly difficult to detect, as often there is no attachment or link to check. The Radicati Group has estimated that around 3.2 billion people send around 269 billion emails every single day, and some percentage of those are phishing emails. The Coronavirus situation has also seen a spike in the number of phishing emails.

The major reason why phishing attacks succeed is that users are not educated. They click on the link or attachment in the email without checking whether it is legitimate. If there are 100 employees in a company, all the hacker needs is for one of them to click on the attachment or link and provide the data needed to gain access. Compromised credentials are the main reason behind many cyber-attacks, and phishing is the way those credentials are obtained.

Different Types of Phishing Attacks

  1. Spoofing the sender address so that the email looks like it has been sent from a known source, and requesting sensitive information.
  2. Embedding a link in an email that looks like it originates from a trustworthy source, while the link actually takes the user to a malicious site.
  3. Installing a Trojan when the user clicks on the link or attachment in the email, which allows the hacker to exploit vulnerabilities and get access to sensitive information.
  4. Attempting to get company information over the phone by posing as a known company vendor or the IT department.

Over the years phishing attacks have cost organizations millions in monetary and reputational loss, so it is worthwhile to see how they can be prevented.

A few steps to prevent phishing attacks:

  1. Educate employees with training that increases security awareness.
  2. Ask employees to check URLs properly; for financial transactions, open only HTTPS URLs.
  3. Specifically direct them not to open attachments in emails from unknown sources.
  4. Implement spam filters to recognize & block spam and phishing emails.
  5. Single sign-on & strong authentication will prevent hackers from accessing confidential information even if the credentials are compromised.
  6. Internet browser add-ons & extensions should be visible so that users can be alerted to suspicious activity.
  7. Keep all systems up to date with the latest updates & patches.
  8. Install & monitor antivirus software on all systems.
  9. Instruct users to change their passwords regularly.
  10. Implement web filtering to block malicious websites.
  11. Encrypt sensitive information, so that even if hackers gain access to the computer or network, they will not be able to read it.
  12. Protect the corporate directory, which includes employees’ names, email IDs and other personal information. This is important mainly in the case of BYOD: apps on employees’ mobile devices can access their address books & export them to external sources. Therefore, installing mobile security on user devices is important.
  13. Connect remote users over VPNs (Virtual Private Networks).
  14. Test employee awareness with fake phishing email campaigns at regular intervals. This will identify vulnerable employees for further training.
  15. Monitor the network, both incoming and outgoing traffic, for anomalies and threats.
  16. Conduct periodic penetration testing.
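As an added example (not code from the original post or from Teceze), the following Python script applies the "check URLs properly" advice of step 2 and the lookalike-domain warning given earlier to the links in an HTML mail body: it flags links that are not HTTPS, links whose visible text names one domain while the href goes to another, and destination domains that are near-misses of a trusted name. The trusted-domain list, the anchor regex and the sample mail body are constructed for this example.

```python
import difflib
import re
from urllib.parse import urlparse

# Domains the organisation legitimately links to (constructed list for this example).
TRUSTED_DOMAINS = {"examplebank.com", "example-corp.com"}
# Anchor pattern sufficient for this example's simple HTML; a real mail gateway
# should use a proper HTML parser rather than a regular expression.
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def registered_domain(host):
    """Reduce a hostname to its last two labels: login.examplebank.com -> examplebank.com."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_link(href, text):
    """Return a list of findings for one link; an empty list means nothing suspicious."""
    findings, url = [], urlparse(href)
    if url.scheme != "https":
        findings.append("not https")
    domain = registered_domain(url.hostname or "")
    # Visible text that itself looks like a domain but points elsewhere is the classic lure.
    if re.fullmatch(r"\S+\.\S+", text):
        shown = registered_domain(urlparse(text if "://" in text else "http://" + text).hostname or "")
        if shown != domain:
            findings.append(f"text shows {shown} but href goes to {domain}")
    if domain not in TRUSTED_DOMAINS:
        # A near-miss of a trusted name (digit 1 for letter l, etc.) is the lookalike case.
        close = difflib.get_close_matches(domain, TRUSTED_DOMAINS, n=1, cutoff=0.8)
        findings.append(f"lookalike of {close[0]}" if close else "untrusted domain")
    return findings

def scan_email_html(body):
    """Map each link that has findings to those findings; clean links are omitted."""
    report = {}
    for href, text in ANCHOR.findall(body):
        findings = check_link(href, re.sub(r"<[^>]+>", "", text).strip())
        if findings:
            report[href] = findings
    return report

# Constructed sample body: one legitimate link followed by two phishing-style lures.
SAMPLE_BODY = """<p>Please verify your account:</p>
<a href="https://login.examplebank.com/verify">Bank login</a>
<a href="http://examp1ebank.com/verify">https://examplebank.com/verify</a>
<a href="https://example-corp.com.secure-login.net/">example-corp.com</a>"""

if __name__ == "__main__":
    for href, findings in scan_email_html(SAMPLE_BODY).items():
        print(href, "->", "; ".join(findings))
```

The third sample link shows why the check reduces to the registered domain: the trusted name appears as a subdomain label, but the site actually visited is secure-login.net.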

Finally, the main question is: are you regularly monitoring the activity on your network? Continuous monitoring will help detect any abnormal activity and raise alerts. More advanced analysis can be done using the data correlation provided by SIEM (Security Information & Event Management) solutions.

Hence, sound security policies blended with the right products & security awareness training are the most successful combination for preventing phishing attacks. Teceze provides consultancy & managed services in all these areas, including leveraging our SOC, which is built on the AlienVault SIEM platform.

The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, just give us a call, we are here to help.

Phishing emails usually appear to come from a well-known organization and ask for your personal information such as credit card number, or password.