Hardening Your Office Against Phishing
What can you do to protect your organization from phishing attempts?
Hackers know that the easiest attack vector for compromising networks is often the people who interact with them. Phishing is a favorite method of hackers who use social engineering to turn your employees into security exploits. It’s often as simple as sending an emailed link to a legitimate-looking login screen, enabling them to capture the account credentials of the unsuspecting recipient. What can you do to protect your organization from phishing attempts?
Training for Skepticism
All employees with active email accounts or access to company computers should receive education on what phishing is, why it is dangerous and what the threats might look like. Phishers attempt to emulate familiar addresses and domains, sometimes spoofing email addresses (changing email nicknames so the name displays as a familiar person or entity) or buying domains that are very similar to legitimate ones. Employees need to be coached to look out for these red flags and to be suspicious of unsolicited links or attachments being sent through email. If an employee receives a link or an attachment from someone they know that seems out of place, they should be trained to pick up the phone and confirm it is safe to open. (Take a quick test to determine your susceptibility to phishing here)
2 Is Better Than 1
Enabling 2 factor authentication on important accounts is a way to ensure that even if someone slips up and exposes their credentials to a hacker, that hacker still doesn’t have access to the account. With 2 factor authentication anyone who enters the username and password to the account would have to answer a 2nd level challenge, inputting a code that is sent to a cell phone, or to a separate email account. This level of security will normally stop a phisher dead in their tracks; the password should still be changed if such an attempt is discovered, but 2 factor authentication should be enough to stop the scammer from gaining full access.
Limit the Size Of The Phish
Scammers and hackers hit pay dirt when they can access an account that is tied into scores of other services; your email might be the key that unlocks credit cards, Pay Pal, company bank accounts, servers and firewalls. Properly designating permissions within your company will ensure that if lower level employees fall victim to phishing attacks, the damage will be siloed off and won’t expose the entire company to infiltration. A routine audit of who has access to what should be conducted within every organization, to make certain that employees only have control over accounts and systems they need to execute their work duties. Scammers often target lower level executives in what is known as “Spear Phishing” or top-level executives (or celebrities) in “Whaling”; in both cases, scammers will attempt to research the targets, in order to craft a message which appears to be from a familiar person or service.
Technical Protection from Social Engineering
Email providers and security firms are aware of the major problems caused by phishing and there are technical steps that admins and Managed Service Providers can take to stop phishing emails from making it to users. Email services like Microsoft’s 365 Exchange have advanced junk mail and spam filters which will keep many phishing attempts from hitting a user’s primary inbox. Many security and firewall companies, such as WatchGuard and Webroot, also have DNS filtering capabilities which can scan emails for links to known or suspected phishing domains. Email admins can also deactivate hyperlinks in emails as part of the group policy for the organization—this can be a hassle for end users, but can slow down phishing. Keeping systems patched and updated, as always, is of great importance when safeguarding against any threat, as savvy hackers can take advantage of outdated systems to gain access to security loopholes. As with all threats, the importance of regular, reliable backups cannot be overstated. If the worst happens and your system is compromised by a phishing attack, leading to ransomware or other catastrophic breaches, your company’s data should be backed up and restored from a secure location.
Chances are, if you are a regular user of email, you’ve encountered a strange message from a friend or associate at some point who has had their account compromised and as a result, their email has become a tool for scammers to spam all their contacts and perpetuate the attack. Phishing attacks have likely been around since the popularization of email and are only growing in scale. If you have questions about safeguarding your organization, call Mankato Computer Repair. We can assess your network, office and email system for efficiency, stability and security.