• Corporate
  • Oct 12, 2021
  • By QOMPLX

Identify and Fight the Phish #CyberMonth

Identify and Fight the Phish #CyberMonth

It’s Cybersecurity Awareness Month – don’t fall for the phish. Phishing – when a bad actor poses as a reputable sender in order to gain access to information, credentials, or deploy malware (including ransomware) – is one of the biggest issues in cybersecurity today. In 2020, phishing was responsible for over $54 million worth of losses in the United States alone according to the FBI Internet Crime Report, the number of cases more than doubling since 2019.

Phishing can bypass sophisticated perimeter security by preying on busy users with divided attention. Even the most innocuous email can be a phishing attack. A link to a birthday card from grandma can actually be a bad actor; a note from a manager can be sent from a false email address. Techniques have become more advanced, and a phishing email can be extremely difficult to spot.

Phishing fallout

The consequences of falling for a phishing attack can be catastrophic. Once the phisher has obtained the desired information, they can use it to obtain false credentials, pretending to be the person they phished. This stage of the attack is especially dangerous in cyber environments where there is no assumption of breach and therefore inadequate verification of identity transactions. In those cases, the phisher is granted full access to everything the phishing victim had. Through lateral movement, these credentials can be used to perform larger, more devastating attacks.

How to combat the phish

The first line of defense is to employ a secure email gateway and post-delivery protections. Next, make certain your users are well-trained in spotting phishing attempts through tailored simulations and tests like those offered through QOMPLX’s Offensive Security Services. Consistently encourage your users to carefully examine emails and texts and not click on suspicious links. Even with precautions, someone in the organization falling for a phishing attack is still quite likely.

Managing privileges so that credentialed users on a system only have access to what they need through the principle of least privilege is one way to reduce damages. Having users that are too highly privileged, makes a hacker’s job much easier. QOMPLX Privilege Assurance identifies weaknesses in Active Directory environments and helps organizations limit the blast radius of each user in the event they are compromised.

Once a bad actor has gained entry into the infrastructure through phishing, it’s incredibly important to detect lateral movement, credential compromise, and privilege escalation attacks in real-time. These attacks can only be accurately detected with a massively scalable tool that can monitor and validate all identity-related transactions. QOMPLX Identity Assurance provides solutions for both the Cloud and on-premises servers by validating that each user who requests access is truly who they say they are.

Phight the phish! Be careful, be aware, and make sure everyone is who they say they are on your network.

You might also be interested in

The Climate Crisis: A Systemic Risk Triggering Action in the Insurance Industry

The Climate Crisis: A Systemic Risk Triggering Action in the Insurance Industry

Steve Smith, Director, Insurance Product and Modeling with QOMPLX, discusses how the climate crisis is set to trigger change within the insurance industry, “...as the climate crisis evolves many risks will become effectively uninsurable, representing a loss of business to the insurance industry.”

Read more
How much automation?

How much automation?

Automation of underwriting decisions has a very tangible benefit - cost savings. When rules are automated and decisions are made based on reliable supporting data, underwriters can focus on the outliers and make the most of their precious time.

Read more
QOMPLX Releases the Arkscrape Community Edition: open source internet archiving for investigators and researchers

QOMPLX Releases the Arkscrape Community Edition: open source internet archiving for investigators and researchers

QOMPLX’s Arkscrape tool easily archives web pages, making it ideal for research and investigations in complex cases such as human trafficking by journalists, academics, law enforcement, and other researchers.

Read more
Request a Demo

Interested in learning more?

Subscribe today to stay informed and get regular updates from QOMPLX.