SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Cofense to bring phishing’s meteoric rise back down to earth
Tue, 3rd Apr 2018
FYI, this story is more than a year old

​Phishing is a problem that has skyrocketed over time with no signs of slowing down.

Cofense (recently rebranded from PhishMe) vice president of marketing Susan Warner says the rise of phishing will continue simply because it works so well.

“Over 280 billion emails are sent daily and at the same time some reports say that 90 percent of data breaches start with a malicious email. Phishing, sadly, works for many of the bad actors who continue to use this vector to attack,” says Warner.

Many experts believe phishing to be the most persistent and pernicious cyberattacks that organisations face – and the numbers don't lie.

Cofense released a whitepaper that collated a number of findings around phishing, including APWG's discovery that the number of unique phishing websites increased 250 percent just between the final quarter of 2015 and the first quarter of 2016, while Symantec's 2016 Internet Security Threat Report revealed that spear-phishing campaigns targeting employees increased 55 percent.

The report from Cofense stresses that what is particularly troubling for practitioners is phishing attacks have grown to be more targeted and dangerous as the variety of attack methods continues to evolve. This growth is being driven by a burgeoning criminal marketplace, which Symantec outlined in its latest Internet Security Threat Report.

“Attackers will cooperate, with some specialising in phishing kits, and others selling them on to other scammers who want to conduct phishing campaigns,” the report states.

“These kits often trade for between US$2 and $10, and their users do not require much in the way of technical skills to operate them or customise their webpages to suit their needs.

Warner says there are mounting challenges for enterprises in fighting phishing attacks.

“The first is that an end user will unwittingly click on something they should not have and bad things begin to happen.  Another is that the hackers are getting more and more sophisticated in their attacks – using better and more targeted techniques to attack,” says Warner.

“They are also exploiting core Windows functionality to initiate attacks – tools like OLE and DDE that are designed to improve operability in Windows are used to exploit users or deliver malware.

At the same time, phishing emails are becoming more ‘potent' with Cofense finding in its report that as of March 31 2016, 93 percent of all phishing emails analysed contained encryption ransomware, up from 56 percent just three months earlier.

In terms of how businesses can overcome the malicious and tenacious demands of phishing, Warner has some advice for enterprises.

“It comes in two ways – the first is to train employees on what to be aware of and how to report when they see something,” says Warner.

“The second is to make sure that they have tools and plans in place to remediate when something gets past the perimeter. Having an incident response team ready to dive into solving a problem is key.

There's no doubt that phishing's meteoric rise has made incident response programs absolutely crucial to operations.

According to Cofense, a successful phishing incident response program requires the ability to collect relevant data, organizing that data into actionable threat intelligence, and getting that optimised threat intelligence into the hands of incident responders who can then make good decisions that reduces an organisation's risk.

This type of orchestration is critical in protecting organisations from the damage a successful phishing exploit can wreak

For years PhishMe have been the experts in phishing prevention, offering solutions that drive recognition, reporting and response in a platform that makes sure any information gleaned from multiple systems and users works in concert with incident responders and other security experts to detect and remediate phishing incident.

The company is now celebrating its rebranding to Cofense as it widens its focus across the cyberthreat environment. In light of this, Cofense is offering a FREE party pack.

Click here to get yourself a free Cofense Party Pack.