Story image

Cofense to bring phishing’s meteoric rise back down to earth

03 Apr 18

​Phishing is a problem that has skyrocketed over time with no signs of slowing down.

Cofense (recently rebranded from PhishMe) vice president of marketing Susan Warner says the rise of phishing will continue simply because it works so well.

“Over 280 billion emails are sent daily and at the same time some reports say that 90 percent of data breaches start with a malicious email. Phishing, sadly, works for many of the bad actors who continue to use this vector to attack,” says Warner.

Many experts believe phishing to be the most persistent and pernicious cyberattacks that organisations face – and the numbers don’t lie.

Cofense released a whitepaper that collated a number of findings around phishing, including APWG’s discovery that the number of unique phishing websites increased 250 percent just between the final quarter of 2015 and the first quarter of 2016, while Symantec’s 2016 Internet Security Threat Report revealed that spear-phishing campaigns targeting employees increased 55 percent.

The report from Cofense stresses that what is particularly troubling for practitioners is phishing attacks have grown to be more targeted and dangerous as the variety of attack methods continues to evolve. This growth is being driven by a burgeoning criminal marketplace, which Symantec outlined in its latest Internet Security Threat Report.

“Attackers will cooperate, with some specialising in phishing kits, and others selling them on to other scammers who want to conduct phishing campaigns,” the report states.

“These kits often trade for between US$2 and $10, and their users do not require much in the way of technical skills to operate them or customise their webpages to suit their needs.”

Warner says there are mounting challenges for enterprises in fighting phishing attacks.

“The first is that an end user will unwittingly click on something they should not have and bad things begin to happen.  Another is that the hackers are getting more and more sophisticated in their attacks – using better and more targeted techniques to attack,” says Warner.

“They are also exploiting core Windows functionality to initiate attacks – tools like OLE and DDE that are designed to improve operability in Windows are used to exploit users or deliver malware.”

At the same time, phishing emails are becoming more ‘potent’ with Cofense finding in its report that as of March 31 2016, 93 percent of all phishing emails analysed contained encryption ransomware, up from 56 percent just three months earlier.

In terms of how businesses can overcome the malicious and tenacious demands of phishing, Warner has some advice for enterprises.

“It comes in two ways – the first is to train employees on what to be aware of and how to report when they see something,” says Warner.

“The second is to make sure that they have tools and plans in place to remediate when something gets past the perimeter. Having an incident response team ready to dive into solving a problem is key.”

There’s no doubt that phishing’s meteoric rise has made incident response programs absolutely crucial to operations.

According to Cofense, a successful phishing incident response program requires the ability to collect relevant data, organizing that data into actionable threat intelligence, and getting that optimised threat intelligence into the hands of incident responders who can then make good decisions that reduces an organisation’s risk.

This type of orchestration is critical in protecting organisations from the damage a successful phishing exploit can wreak

For years PhishMe have been the experts in phishing prevention, offering solutions that drive recognition, reporting and response in a platform that makes sure any information gleaned from multiple systems and users works in concert with incident responders and other security experts to detect and remediate phishing incident.

The company is now celebrating its rebranding to Cofense as it widens its focus across the cyberthreat environment. In light of this, Cofense is offering a FREE party pack.

Click here to get yourself a free Cofense Party Pack.

Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.