SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Why phishing is a bigger threat than ransomware
Tue, 28th Sep 2021

While enterprise security teams have had their hands full battling sophisticated ransomware attacks, phishing raids are on the rise with the easing of pandemic-related restrictions.

In recent weeks, Microsoft warned of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software.

“Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking,” the Microsoft 365 Defender Threat Intelligence Team said in a report.

Doing so leads to a series of redirections — including a CAPTCHA verification page that adds a sense of legitimacy and attempts to evade some automated analysis systems — before taking the user to a fake sign-in page. This ultimately leads to credential compromise, which opens the user and their organisation to other attacks.
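
A defender can triage inbound mail for the open redirector pattern described above by flagging links whose query string carries a URL on a different site than the link's own host. The following is an added example, not code from this article or from Microsoft's report; the function names, the constructed sample message with its `.example` domains, and the two-label "same site" heuristic are assumptions of the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def _site(host):
    # Crude registrable-domain approximation (last two labels); an assumption
    # of this example. Production code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def _embedded_target(value, max_decode=3):
    # Redirect targets are often percent-encoded more than once, so decode a
    # bounded number of times and look for an absolute or scheme-relative URL.
    for _ in range(max_decode + 1):
        candidate = value.strip()
        if candidate.startswith("//"):
            candidate = "https:" + candidate
        if re.match(r"https?://", candidate, re.IGNORECASE):
            return urlsplit(candidate).hostname
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return None

def find_redirector_links(body):
    """Return (link, parameter, target_host) for links whose query string
    carries a URL on a different site than the link's own host."""
    findings = []
    for link in URL_RE.findall(body):
        parts = urlsplit(link)
        if not parts.hostname:
            continue
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            target = _embedded_target(value)
            if target and _site(target) != _site(parts.hostname):
                findings.append((link, name, target))
    return findings

# Constructed sample message; every domain uses the reserved .example TLD.
SAMPLE = """Your meeting recording is ready:
https://portal.trusted.example/out?id=7&url=https%253A%252F%252Flogin.lookalike.example%252Fsignin
Help: https://portal.trusted.example/go?next=https%3A%2F%2Fdocs.trusted.example%2Ffaq
"""

if __name__ == "__main__":
    for link, name, target in find_redirector_links(SAMPLE):
        print(f"{name} -> {target}  in  {link}")
```

Only the first sample link is reported: its target is double-encoded and points off-site, while the second redirects within the same site. A hit is a triage signal rather than a verdict, since legitimate click-tracking services use the same link shape.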

Attackers will keep hammering away at remote access technologies and vulnerabilities in cloud environments, attempting to steal credentials and obtain confidential enterprise data.

While large ransomware attacks certainly make news coverage, phishing attacks are more common and have increased significantly. The latest data shows a worldwide web laden with phishing websites.

Since 2016, phishing has replaced malware as the leading type of unsafe website. While there were once twice as many malware sites as phishing sites, there are now nearly 75 times as many phishing sites as there are malware sites.

So how can phishing attacks be stopped? The first step is to recognise that no single application vendor can solve all of an organisation's security needs. Instead, it's best to implement a centralised security control point across cloud services, web and private data center applications with a common policy framework for data protection, threat protection, and acceptable use policy.

Preventing today's increasingly dynamic phishing attempts requires next-generation 'on-device' web security that can block phishing sites and apply advanced threat protection across all users' devices, both managed and unmanaged.

Ensuring safe browsing in a mobile-to-cloud environment requires comprehensive security controls with deep visibility, bringing together disparate security functions into a single cloud-delivered security platform — without agents, VPNs, and performance bottlenecks.

Protection against phishing attacks and cyber-crime requires modernising web security, moving beyond appliances or cloud proxies that don't scale.

Seek a secure web gateway that inspects traffic directly on the user endpoint to deliver security, privacy and low-latency performance for a new generation of hybrid workers — without the management overhead and operational costs of traditional web security.