Over the years we have seen an escalating number of spear-phishing attacks. Part of the increase may actually be due to increased reporting, however, I suspect that even in the criminal world there is a sense of fashion and easy money is quite fashionable.
The problem with phishing attacks is that technology is not well suited to combat them. Once the attack succeeds, anti-virus can block a malicious program – if the attacker wasn't sophisticated enough to make sure he knew what AV solution was in use and that he had something it wouldn't detect. Once an attack has succeeded, intrusion detection systems can help mitigate the damage by alerting IT to suspicious activity. Good network segmentation and access control can help mitigate damages. However, in the case of spear-phishing, sometimes the victim has legitimate access.
If you are going to effectively fight this prevalent form of cybercrime, you are going to have to have an educated workforce. Since most colleges don't teach social engineering defense skills, it falls on the savvy employer to provide education for their employees.
Cybercrime will only continue to evolve and worsen. The time to proof up your employees against cybercrime is now; the means is with Internet security awareness training. Take a free Internet security phishing test!
Above article source: Fighting cybercrime
The problem with phishing attacks is that technology is not well suited to combat them. Once the attack succeeds, anti-virus can block a malicious program – if the attacker wasn't sophisticated enough to make sure he knew what AV solution was in use and that he had something it wouldn't detect. Once an attack has succeeded, intrusion detection systems can help mitigate the damage by alerting IT to suspicious activity. Good network segmentation and access control can help mitigate damages. However, in the case of spear-phishing, sometimes the victim has legitimate access.
If you are going to effectively fight this prevalent form of cybercrime, you are going to have to have an educated workforce. Since most colleges don't teach social engineering defense skills, it falls on the savvy employer to provide education for their employees.
Cybercrime will only continue to evolve and worsen. The time to proof up your employees against cybercrime is now; the means is with Internet security awareness training. Take a free Internet security phishing test!
Above article source: Fighting cybercrime
