Cybersecurity and Attack Mitigation (Phishing)
We can all agree that prevention is better than cure in any situation, whether critical or not. After all, who wants to deal with a problem just because no precautions were taken? In today’s cyberspace especially, digital crimes happen left and right. Sometimes the victims do not even know that they are being hit, as most cybercrime techniques evolve over time. However, no matter how smart these criminals get, anti-cybercrime tools, technologies, and countermeasures also evolve over time.
(Most Popular and Oldest)
A phishing attack is the oldest and most common attack on people in general when it comes to cyberspace. It targets corporations and casual internet users alike. It is widespread and easy to deploy, because it does not take a genius in programming to set it up. Users are usually led to phishing sites via socially engineered attacks through email or SMS blasts, and/or possibly through a man-in-the-middle attack using DNS poisoning, which diverts internet traffic away from legitimate servers and routes it towards fake ones.
These attacks usually take place on the side of the cloud and websites: some legitimate websites are injected with files which either replace the index or insert the phishing page into a subfolder for potential victims to visit. The unsuspecting website owner would not know that the domain is now hosting such criminal activity.
There is also a more sophisticated phishing approach which does not only copy a login page but impersonates the whole website of its target, including the domain name through domain squatting, to make it look legitimate. This is dangerously harmful for the business, because the potential impact of such an attack is tremendous: it not only steals credentials but could also give a bad name to the targeted institution, as it reflects negatively on the business.
Mitigating the Attacks
These attacks happen in the cloud and are usually done through redirection and socially engineered messages. The companies being impersonated are vulnerable, as are their customers, and thus need a more direct approach to lessen the impact the right way. A good phishing solution plan would greatly mitigate attacks.
So let’s start with the ones being impersonated, which are mostly in the financial sector.
1. Securing the In-house Infrastructure
They should invest in their in-house IT infrastructure and secure their own networks by deploying applications on the front end that can track their key employees’ activities, in order to prevent leaks of vital information and prevent conspiracy with cybercriminals.
2. Securing the Back End and the Cloud
Upgrading the firmware and database and, most of all, applying security patches for known and possible threats could help secure your data and website from being copied. Applying secured HTTP is helpful too. Securing also includes business continuity plans.
3. Information Drive
Sending out emails to your customers and giving out tips on how to avoid being targeted by phishing scams would be effective. Sending emails is efficient and cost-effective, plus the customers would feel valued.
4. Hire Effective IT Security Team
Hunting down deployed phishing sites would be the best option to reduce victims of phishing attacks. Let your Phishing Intelligence team do it proactively by using technologies that could help them take down the rogue sites, the associated email addresses used to send socially engineered emails, and poisoned DNS.
5. Maintain the Public Image
Your business could use a good public relations management team to reduce the “shame” of being impersonated. Your Public Relations team should handle customers in order to manage customer retention and satisfaction.
- Deploy a web scanning technology managed by your IT security team; it can either be built by your own developers or outsourced.
- Online abuse page – yes, give your customers a way to voice out and report suspicious emails and websites impersonating your business.
How about the common folk who love to browse websites and do online transactions? How do they protect themselves?
1. Be vigilant on emails
Are you receiving emails from strangers? How about from your friends and loved ones? You have to be more attentive to details and judge for yourself how the emails were written. You can ask yourself questions such as:
- Is this his/her writing style?
- Is the grammar correct? Most likely if it does not look right, it is totally wrong and bogus.
- Did I sign up for this?
- Does the email look professionally written?
- Does the email show the correct legitimate domain when you highlight the URL?
If you are suspicious of the email content, just identify and declare it as spam and then call your bank right away for clarification. Being suspicious and cautious is the first step towards a self anti-phishing method.
2. Be observant of the domain name and URL.
Legitimate domains can be impersonated, and a few modifications can leave an unsuspecting visitor unaware of the slight difference between the legitimate website and the impersonating site. Always check the spelling of the URL and the secured HTTP connection in your browser. If it looks suspicious, then stop, and make sure that you have kept a record of the legitimate URLs you access for your online transactions.
3. DNS poisoning?
Check the secured HTTP connection in your browser. Next, check whether the browser resolved to the URL that you were trying to visit in the first place. If you notice redirections and changes in the URL, do not proceed, and try to contact your ISP regarding the redirections. Sometimes malware on your computer, which a simple malware scan can find, is the culprit behind the redirections, and not necessarily a poisoned DNS.
4. Login forms asking for too much information?
Is the site asking for too much information, such as:
- Credit card numbers
- CVV and expiry dates
- ATM PINs
- Date of Birth
Then most likely it is a phishing site; avoid it at all costs.
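The URL checks from items 2 and 3 above, written as an added example (not part of the original article): it compares a link, and optionally the address the browser finally landed on, against a record of legitimate domains and flags missing HTTPS, look-alike spellings and cross-domain redirects. A business's web scanning team can run the same comparison over newly observed domains. The domain names, the `check_url` helper, the punycode flag and the distance threshold of 2 are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed record of legitimate domains (constructed sample values).
LEGITIMATE = ("examplebank.com", "example-pay.com")

# Character swaps often seen in squatted names: digits for letters, dropped hyphens.
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": ""})

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(host):
    """Naive last-two-labels domain; a real tool would use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_url(requested, final=None):
    """Return warnings for a URL and, optionally, the URL the browser ended up on."""
    warnings = []
    parts = urlsplit(final or requested)
    host = (parts.hostname or "").lower()
    domain = registered_domain(host)
    if parts.scheme != "https":
        warnings.append("not-https")
    if host.startswith("xn--") or ".xn--" in host:
        warnings.append("punycode-host")  # internationalised label, possible homograph
    if domain not in LEGITIMATE:
        for good in LEGITIMATE:
            near = edit_distance(domain, good) <= 2
            folded = domain.translate(CONFUSABLE) == good.translate(CONFUSABLE)
            embedded = good.split(".")[0] in host  # brand name used as a subdomain
            if near or folded or embedded:
                warnings.append(f"lookalike-of:{good}")
                break
        else:
            warnings.append("unknown-domain")
    if registered_domain(urlsplit(requested).hostname or "") != domain:
        warnings.append("redirected-to-other-domain")
    return warnings
```

An empty list means the URL matched the record over HTTPS with no change of domain; anything else is a reason to stop before entering credentials.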
Technology and tools for the home users
Most home users are unaware of phishing threats. Giving them options to use commercially ready software to help them secure their online activities would be convenient for them.
- The use of secure password-management software using 256-bit AES encryption to store your online banking websites and credentials will help.
- Anti-Malware software that could give you a warning that the website is a scam/phishing.
- If you are using Chrome, report the phishing sites to Google so that they can warn users about them.
Technology is at our fingertips, yet danger comes with it. Let us utilize technology and at the same time educate ourselves. Taking down phishing sites should be taken more seriously and it starts with being knowledgeable about their existence.