How to deal with the escalating phishing threat

2020-11-04 05:00

For attackers, it's almost a no-brainer: phishing is cheap and humans are fallible, even after going through anti-phishing training.

That's why defenders must preempt attacks, he says, and reinforce a lesson during a live attack.

"We are detecting 21,000 new phishing attacks a day, many of which have moved beyond corporate email and simple credential stealing. These attacks can easily evade email phishing defenses that rely on static, reputation-based detection. That's why we typically see 80-90% of attacks evading conventional lines of defense to compromise the network," he told Help Net Security.

"Finally, we're seeing cybercriminals trying out innovative ways to evade detection. For example, bad actors may register a domain that lays dormant for months before going live," he added, and noted that they've witnessed a 3,000% increase in the number of phishing attacks since everyone began working and learning from home, and they expect this growth trend will continue.

Finally: some attacks inevitably breach all defenses and they must be prepared to quickly detect and respond to attack, and perform the necessary cleanup.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/QaiB5gtJ0vA/

#phishing #threat