Insight Code Top
Insight Code Bottom
phishing and cyber crime concept. fishing hook on computer keybo

How to protect against a phishing attack

11th December 2020

6 min read

Phishing attacks are not exclusive to a certain type of business or profession. They can happen to anyone and most people have received a phishing email in their lifetime. A phishing attack can negatively affect your business if unprotected. Defending against phishing can be achieved with some efficient and effective control measures for your team and devices.

 

What is a phishing attack?

Phishing attacks occur when a malicious actor intends to trick users into carrying out an unintended action. This type of attack can be used to download malware onto a device or send users to a suspicious website that malicious actors may use to obtain your personal or company information, such as user credentials.

One of the most convincing elements of a phishing attack is its ability to stay relevant to current events. Malicious actors use news and often financial-related topics to draw users in. Phishing attacks can be carried out using a text, phone call or on social media, but most commonly, via email. Phishing via email means senders can access thousands, even millions, of targets directly. The intention is for these emails to look official and urgent to make them difficult for users to ignore and develop suspicion, encouraging them to follow the malicious instructions within the email.

 

Why do you need to protect yourself?

The intention of a phishing email is not clear upon opening. Some actors may send an email to millions of people hoping to get some intellectual property, such as passwords. More sinister actors may engage in a phishing campaign against your organisation specifically, which is commonly referred to as “spear phishing”. It is important that your business is protected against phishing attacks to prevent the negative impact it may have on your reputation, financial position, employees and customers.

Protecting your organisation from phishing attacks ensures you can mitigate risk while minimising disruption to your business and productivity. Putting protective measures in place ensures your users can identify a phishing email and makes it difficult for malicious actors to reach your end-users. It is important to help your users understand the impact of a phishing attack if it goes undetected and how to report one to ensure it does not reach this stage. A quick response to any suspected phishing incident is crucial to minimise the impact of a successful attack as much as possible.

Protective measures should be a combination of user training and technical controls. This will ensure that you are adopting a defence in depth approach to building resilience against  phishing attacks. This should ensure that you have multiple opportunities to effectively detect and prevent a successful phishing attack. The evolving nature of phishing attacks means it will not always be possible to stop them, but your awareness and knowledge will ensure you can plan and mitigate risk accordingly.

 

Here are 3 ways to protect against a phishing attack:

1. Train your users to identify and report phishing

As discussed, training is a crucial part of phishing protection. Users naturally open emails and click on links during the day as part of their work and personal duties. It is not often that everyone vigilantly checks each email before opening it. As phishing attacks are getting more sophisticated and realistic, it may be difficult to identify every attempt. Our blog post dissects a real phishing email and shows you how to spot the different elements that can be used to identify suspicious emails.

Training your users to understand the common tactics used in phishing emails will ensure they can spot when emails are official and when they are not. Make sure your users know the impact of phishing attacks and the benefits of sufficient protection. They should also know when and how to report an attack or suspicion. Having an open and honest reporting culture will help your users feel like they can report an incident without being blamed or punished.

 

2. Secure and configure your devices and accounts

Technical protection can be achieved by securing your user devices. As malware is often downloaded onto devices when sinister links are clicked, you should ensure anti-malware is in place and your devices are well-configured. This will reduce the likelihood that common malware is executed on a device even if a link is clicked by the end-user. You should keep this software up to date so your device can remain protected.

You can also implement software that automatically blocks suspicious websites. Even if an email link is clicked, if the browser cannot open the website the attack cannot continue. Most browsers will block sites if they are known for phishing or malware. Two-factor authentication will also add another layer of protection to user accounts, should a user’s password be compromised.

 

3. Protect your email addresses and filter incoming emails

Filtering and blocking phishing emails is a great way to protect against attacks. Mail filtering software prevents malicious emails from reaching your users’ inboxes ensuring that they cannot open it. It also helps to maintain user productivity as less time is spent going through emails and raising alerts for suspicious activity. Emails can be filtered or blocked using IP addresses, domain names, blacklists or attachment types. Whether you want to filter or block emails depends on the needs of your organisation, and may need to be reviewed depending on how your business operates.

One common phishing tactic is to replicate official emails to make it look like it was sent by a trusted and reputable organisation. This makes it harder for your users to identify a malicious email compared to a reliable one. Configure your mail filtering solution to check for anti-spoofing controls such as DMARC, SPF and DKIM, which makes it difficult for fake emails to be sent to your domains.

Regular simulations should be performed to maintain awareness and identify additional training requirements. Sentrium can help to protect your organisation from phishing attacks. We simulate phishing attacks and provide detailed metrics to aid your organisation in building resilience. Our simulations can be tailored to the frequency, targets and content of the phishing attacks. This supports your organisation to become more sophisticated against phishing attacks as you improve with training and practice.

Resources

  • Insights
  • Labs
White box penetration testing

Uncovering vulnerabilities with white box penetration testing

As a business owner or IT professional, you understand the importance of protecting your company’s sensitive data, systems and reputation from cyber threats. One of…

API penetration testing

Securing APIs through penetration testing

APIs (Application Programming Interfaces) have become the backbone of many modern applications, and indeed the foundation of some businesses services. APIs enable seamless communication between…

The importance of a post-penetration test action plan

The importance of a post-penetration test action plan

As cyber threats continue to evolve and become more sophisticated, businesses must stay one step ahead in protecting their sensitive data and network infrastructure. Penetration…

How to choose the right penetration testing partner

How to choose the right penetration testing partner for your business

In today’s digital landscape, cybersecurity threats are evolving at an alarming rate. With the growing number of cyber-attacks and data breaches, businesses must prioritise their…

IoT device security, penetration testing

Securing the Internet of Things: Penetration testing’s role in IoT device security

The world is witnessing a remarkable transformation as more devices become interconnected, forming what’s known as the Internet of Things (IoT). From smart refrigerators and…

Man working as a junior penetration tester

My first month working as a junior penetration tester

Entering the world of cyber security as a junior penetration tester has been an eye-opening experience for me. In my first month, I’ve encountered challenges,…

Password cracking: How to crack a password

An introduction to password security: How to crack a password

Online Password Cracking An online attack is performed in real-time, against live services or applications to compromise active user accounts. Such attacks typically occur when…

Application Security 101 – HTTP headers

Application Security 101 – HTTP Headers Information Disclosure

Server Header Information Disclosure The most common HTTP header that is enabled by default in most web servers is the ‘Server’ header, which can lead…

SPF, DKIM, DMARC and BIMI for Email Security

SPF, DKIM, DMARC and BIMI for Email Security

Sender Policy Framework Sender Policy Framework (SPF) is a DNS TXT record that is added to a domain that tells email recipients which IP addresses…

Terraform security best practices

Terraform security best practices (2022)

The following sections discuss our most important Terraform security best practices: The importance of Terraform State Terraform must keep track of the resources created. When…

Security vulnerability in Follina exploit

Preventing exploitation of the Follina vulnerability in MSDT

The Follina Exploit A zero-click Remote Code Execution (RCE) vulnerability has started making the rounds which is leveraging functionality within applications such as Microsoft Word.…

Application Security 101 – HTTP headers

Application Security 101 – HTTP headers

1. Strict-Transport-Security The HTTP Strict Transport Security (HSTS) header forces browsers and other agents to interact with web servers over the encrypted HTTPS protocol, which…

Get in touch with our experts to discuss your needs

Phone +44(0)1242 388634 or email [email protected]

Get in touch