Story image

Cofense to bring phishing’s meteoric rise back down to earth

03 Apr 18

​Phishing is a problem that has skyrocketed over time with no signs of slowing down.

Cofense (recently rebranded from PhishMe) vice president of marketing Susan Warner says the rise of phishing will continue simply because it works so well.

“Over 280 billion emails are sent daily and at the same time some reports say that 90 percent of data breaches start with a malicious email. Phishing, sadly, works for many of the bad actors who continue to use this vector to attack,” says Warner.

Many experts believe phishing to be the most persistent and pernicious cyberattacks that organisations face – and the numbers don’t lie.

Cofense released a whitepaper that collated a number of findings around phishing, including APWG’s discovery that the number of unique phishing websites increased 250 percent just between the final quarter of 2015 and the first quarter of 2016, while Symantec’s 2016 Internet Security Threat Report revealed that spear-phishing campaigns targeting employees increased 55 percent.

The report from Cofense stresses that what is particularly troubling for practitioners is phishing attacks have grown to be more targeted and dangerous as the variety of attack methods continues to evolve. This growth is being driven by a burgeoning criminal marketplace, which Symantec outlined in its latest Internet Security Threat Report.

“Attackers will cooperate, with some specialising in phishing kits, and others selling them on to other scammers who want to conduct phishing campaigns,” the report states.

“These kits often trade for between US$2 and $10, and their users do not require much in the way of technical skills to operate them or customise their webpages to suit their needs.”

Warner says there are mounting challenges for enterprises in fighting phishing attacks.

“The first is that an end user will unwittingly click on something they should not have and bad things begin to happen.  Another is that the hackers are getting more and more sophisticated in their attacks – using better and more targeted techniques to attack,” says Warner.

“They are also exploiting core Windows functionality to initiate attacks – tools like OLE and DDE that are designed to improve operability in Windows are used to exploit users or deliver malware.”

At the same time, phishing emails are becoming more ‘potent’ with Cofense finding in its report that as of March 31 2016, 93 percent of all phishing emails analysed contained encryption ransomware, up from 56 percent just three months earlier.

In terms of how businesses can overcome the malicious and tenacious demands of phishing, Warner has some advice for enterprises.

“It comes in two ways – the first is to train employees on what to be aware of and how to report when they see something,” says Warner.

“The second is to make sure that they have tools and plans in place to remediate when something gets past the perimeter. Having an incident response team ready to dive into solving a problem is key.”

There’s no doubt that phishing’s meteoric rise has made incident response programs absolutely crucial to operations.

According to Cofense, a successful phishing incident response program requires the ability to collect relevant data, organizing that data into actionable threat intelligence, and getting that optimised threat intelligence into the hands of incident responders who can then make good decisions that reduces an organisation’s risk.

This type of orchestration is critical in protecting organisations from the damage a successful phishing exploit can wreak

For years PhishMe have been the experts in phishing prevention, offering solutions that drive recognition, reporting and response in a platform that makes sure any information gleaned from multiple systems and users works in concert with incident responders and other security experts to detect and remediate phishing incident.

The company is now celebrating its rebranding to Cofense as it widens its focus across the cyberthreat environment. In light of this, Cofense is offering a FREE party pack.

Click here to get yourself a free Cofense Party Pack.

Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.