How to protect against a phishing attack

Tim Reed

Phishing attacks are not exclusive to a certain type of business or profession. They can happen to anyone, and most people have received a phishing email at some point. A phishing attack can negatively affect your business if you are unprotected. Defending against phishing can be achieved with some efficient and effective control measures for your team and devices.

What is a phishing attack?

Phishing attacks occur when a malicious actor intends to trick users into carrying out an unintended action. This type of attack can be used to download malware onto a device or send users to a suspicious website that malicious actors may use to obtain your personal or company information, such as user credentials.

One of the most convincing elements of a phishing attack is its ability to stay relevant to current events. Malicious actors use news and often financial-related topics to draw users in. Phishing attacks can be carried out using a text message, a phone call or social media, but most commonly via email. Phishing via email means senders can reach thousands, even millions, of targets directly. The intention is for these emails to look official and urgent, so that they are difficult for users to ignore and unlikely to raise suspicion, encouraging recipients to follow the malicious instructions within the email.

Why do you need to protect yourself?

The intention of a phishing email is not clear upon opening. Some actors may send an email to millions of people hoping to harvest sensitive information, such as passwords. More sinister actors may engage in a phishing campaign against your organisation specifically, which is commonly referred to as “spear phishing”. It is important that your business is protected against phishing attacks to prevent the negative impact they may have on your reputation, financial position, employees and customers.

Protecting your organisation from phishing attacks ensures you can mitigate risk while minimising disruption to your business and productivity. Putting protective measures in place ensures your users can identify a phishing email and makes it difficult for malicious actors to reach your end-users. It is important to help your users understand the impact of a phishing attack if it goes undetected and how to report one to ensure it does not reach this stage. A quick response to any suspected phishing incident is crucial to minimise the impact of a successful attack as much as possible.

Protective measures should be a combination of user training and technical controls. This ensures that you are adopting a defence in depth approach to building resilience against phishing attacks, giving you multiple opportunities to detect and prevent a successful phishing attack. The evolving nature of phishing attacks means it will not always be possible to stop them, but your awareness and knowledge will ensure you can plan and mitigate risk accordingly.

Here are 3 ways to protect against a phishing attack:

1. Train your users to identify and report phishing

As discussed, training is a crucial part of phishing protection. Users naturally open emails and click on links during the day as part of their work and personal duties. It is not often that everyone vigilantly checks each email before opening it. As phishing attacks are getting more sophisticated and realistic, it may be difficult to identify every attempt. Our blog post dissects a real phishing email and shows you how to spot the different elements that can be used to identify suspicious emails.

Training your users to understand the common tactics used in phishing emails will ensure they can spot when emails are official and when they are not. Make sure your users know the impact of phishing attacks and the benefits of sufficient protection. They should also know when and how to report an attack or suspicion. Having an open and honest reporting culture will help your users feel like they can report an incident without being blamed or punished.

2. Secure and configure your devices and accounts

Technical protection can be achieved by securing your user devices. As malware is often downloaded onto devices when malicious links are clicked, you should ensure anti-malware is in place and your devices are well-configured. This will reduce the likelihood that common malware is executed on a device even if a link is clicked by the end-user. You should keep this software up to date so your devices remain protected.

You can also implement software that automatically blocks suspicious websites. Even if an email link is clicked, if the browser cannot open the website the attack cannot continue. Most browsers will block sites if they are known for phishing or malware. Two-factor authentication will also add another layer of protection to user accounts, should a user’s password be compromised.

3. Protect your email addresses and filter incoming emails

Filtering and blocking phishing emails is a great way to protect against attacks. Mail filtering software prevents malicious emails from reaching your users’ inboxes, ensuring that they cannot open them. It also helps to maintain user productivity, as less time is spent going through emails and raising alerts for suspicious activity. Emails can be filtered or blocked using IP addresses, domain names, blacklists or attachment types. Whether you want to filter or block emails depends on the needs of your organisation, and may need to be reviewed depending on how your business operates.

One common phishing tactic is to replicate official emails so that they look like they were sent by a trusted and reputable organisation. This makes it harder for your users to distinguish a malicious email from a legitimate one. Configure your mail filtering solution to check anti-spoofing controls such as DMARC, SPF and DKIM, which makes it difficult for spoofed emails claiming to come from a trusted domain to reach your users.
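The check a mail filter performs here is DMARC alignment: the domain that passed SPF or DKIM must match (in relaxed mode, share an organisational domain with) the domain in the visible From: header, otherwise the sender's policy action applies. The following is an added example, not Sentrium's code or any product's; it reads the Authentication-Results header a receiving server already stamped on the message, and its two sample messages and the two-label organisational-domain helper are constructed assumptions (a real filter would use the Public Suffix List).

```python
import re
from email import message_from_string
from email.utils import parseaddr

def org_domain(domain: str) -> str:
    """Simplified organisational domain (last two labels); assumption for this example."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: str, from_domain: str) -> bool:
    """Relaxed DMARC alignment: authenticated and From: domains share an organisational domain."""
    return org_domain(auth_domain) == org_domain(from_domain)

def evaluate_dmarc(raw_message: str, policy: str = "quarantine") -> dict:
    """Derive a DMARC verdict from the SPF and DKIM results recorded in
    Authentication-Results, then map it to the configured policy action."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].partition("@")[2].lower()
    results = " ".join(msg.get_all("Authentication-Results", []))
    # spf=pass ... smtp.mailfrom=<addr or domain>; dkim=pass ... header.d=<domain>
    spf = re.search(r"spf=(\w+)\b.*?smtp\.mailfrom=(?:[^@\s;]+@)?([\w.-]+)", results)
    dkim = re.search(r"dkim=(\w+)\b.*?header\.d=([\w.-]+)", results)
    spf_ok = bool(spf and spf.group(1) == "pass" and aligned(spf.group(2), from_domain))
    dkim_ok = bool(dkim and dkim.group(1) == "pass" and aligned(dkim.group(2), from_domain))
    verdict = "pass" if (spf_ok or dkim_ok) else "fail"   # DMARC needs one aligned pass
    return {"from_domain": from_domain, "spf_aligned": spf_ok, "dkim_aligned": dkim_ok,
            "dmarc": verdict, "action": "deliver" if verdict == "pass" else policy}

# Constructed sample: bounce address on a subdomain, DKIM signed by the From: domain.
LEGIT = """From: Payroll <payroll@example.com>
Authentication-Results: mx.corp.test; spf=pass smtp.mailfrom=bounce@mail.example.com; dkim=pass header.d=example.com
Subject: Payslip available

Your payslip is ready."""

# Constructed sample: SPF passes for the real sending domain, but that domain is not
# aligned with the displayed From: domain and DKIM fails, so the message is spoofed.
SPOOFED = """From: Payroll <payroll@example.com>
Authentication-Results: mx.corp.test; spf=pass smtp.mailfrom=bounce@bulk-sender.test; dkim=fail header.d=bulk-sender.test
Subject: Urgent: update your bank details

Please confirm your details today."""

if __name__ == "__main__":
    for name, sample in (("legit", LEGIT), ("spoofed", SPOOFED)):
        print(name, evaluate_dmarc(sample))
```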

Regular simulations should be performed to maintain awareness and identify additional training requirements. Sentrium can help to protect your organisation from phishing attacks. We simulate phishing attacks and provide detailed metrics to aid your organisation in building resilience. Our simulations can be tailored to the frequency, targets and content of the phishing attacks. This supports your organisation to become more sophisticated against phishing attacks as you improve with training and practice.
