Like shooting phish in a barrel


Phishing is one of the most common tools employed by hackers because it's easy, inexpensive and ridiculously effective.

In statistics gathered by IBM's red hat team, someone always interacted with their test phishing campaigns, meaning phishing always gave them a successful entry point. You just know someone's going to click on the link.

In the global test phishing campaign hosted by Terranova Security in late 2020, around 20% of employees interacted with the phishing email, and this group included companies that had had recent IT security training. Terranova Security's report said companies undergoing their first test phishing campaign had click-through rates of around 20-30%, with about half of these people going further and submitting data on a web form (e.g. providing their username or password).

Phishing's so effective, it's not going anywhere soon. Reports show phishing attacks were up 75% in Australia in 2020.

If getting phished is inevitable, what can you do about it? While there are a number of good practices to have in place, Microsoft has estimated that 99.9% of account compromise attacks could be prevented with multi-factor authentication (MFA).

If you don't already have MFA, stop what you're doing, get off your device and go turn it on. For anyone new to the space, there are a range of MFA options, each with their own pros and cons, so be sure to do your research. Methods such as security questions, one-time passwords and SMS codes sent to mobile devices are going out of favour because a phished user can hand that data straight to the attacker. Other methods such as push notifications or biometric factors are gaining popularity because they provide a genuine second factor of authentication.

Using MFA alongside other best practices such as geoblocking, web content filtering and disabling macros in Office documents will go a long way towards protecting your business from becoming a phishing statistic.

No matter what you do, attacks are always evolving and employees are always a possible vulnerability. That's why all cyber security teams need a strong incident response function. When you do get breached, you need to be able to respond quickly, and have the ability to remove emails, block malicious documents and prevent access to malicious web sites. You need your incident response playbook set up, tested and ready to roll.

Remember, the first part of any incident response plan is preparation. And what better way to prepare than to hire the right talent. Contact Decipher Bureau to find out how we can help you get the right talent so you're ready to respond to the inevitable attacks your business will face.