Story image

Cofense to bring phishing’s meteoric rise back down to earth

03 Apr 2018

​Phishing is a problem that has skyrocketed over time with no signs of slowing down.

Cofense (recently rebranded from PhishMe) vice president of marketing Susan Warner says the rise of phishing will continue simply because it works so well.

“Over 280 billion emails are sent daily and at the same time some reports say that 90 percent of data breaches start with a malicious email. Phishing, sadly, works for many of the bad actors who continue to use this vector to attack,” says Warner.

Many experts believe phishing to be the most persistent and pernicious cyberattacks that organisations face – and the numbers don’t lie.

Cofense released a whitepaper that collated a number of findings around phishing, including APWG’s discovery that the number of unique phishing websites increased 250 percent just between the final quarter of 2015 and the first quarter of 2016, while Symantec’s 2016 Internet Security Threat Report revealed that spear-phishing campaigns targeting employees increased 55 percent.

The report from Cofense stresses that what is particularly troubling for practitioners is phishing attacks have grown to be more targeted and dangerous as the variety of attack methods continues to evolve. This growth is being driven by a burgeoning criminal marketplace, which Symantec outlined in its latest Internet Security Threat Report.

“Attackers will cooperate, with some specialising in phishing kits, and others selling them on to other scammers who want to conduct phishing campaigns,” the report states.

“These kits often trade for between US$2 and $10, and their users do not require much in the way of technical skills to operate them or customise their webpages to suit their needs.”

Warner says there are mounting challenges for enterprises in fighting phishing attacks.

“The first is that an end user will unwittingly click on something they should not have and bad things begin to happen.  Another is that the hackers are getting more and more sophisticated in their attacks – using better and more targeted techniques to attack,” says Warner.

“They are also exploiting core Windows functionality to initiate attacks – tools like OLE and DDE that are designed to improve operability in Windows are used to exploit users or deliver malware.”

At the same time, phishing emails are becoming more ‘potent’ with Cofense finding in its report that as of March 31 2016, 93 percent of all phishing emails analysed contained encryption ransomware, up from 56 percent just three months earlier.

In terms of how businesses can overcome the malicious and tenacious demands of phishing, Warner has some advice for enterprises.

“It comes in two ways – the first is to train employees on what to be aware of and how to report when they see something,” says Warner.

“The second is to make sure that they have tools and plans in place to remediate when something gets past the perimeter. Having an incident response team ready to dive into solving a problem is key.”

There’s no doubt that phishing’s meteoric rise has made incident response programs absolutely crucial to operations.

According to Cofense, a successful phishing incident response program requires the ability to collect relevant data, organizing that data into actionable threat intelligence, and getting that optimised threat intelligence into the hands of incident responders who can then make good decisions that reduces an organisation’s risk.

This type of orchestration is critical in protecting organisations from the damage a successful phishing exploit can wreak

For years PhishMe have been the experts in phishing prevention, offering solutions that drive recognition, reporting and response in a platform that makes sure any information gleaned from multiple systems and users works in concert with incident responders and other security experts to detect and remediate phishing incident.

The company is now celebrating its rebranding to Cofense as it widens its focus across the cyberthreat environment. In light of this, Cofense is offering a FREE party pack.

Click here to get yourself a free Cofense Party Pack.

Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.