Part 4 of a 5-part series. I’m not going to beat around the bush here. Uncomfortable Truth #4 is quite simple: Users are NOT the problem. There. I said it. If this statement seems at odds with your current thinking, don’t close this browser window just yet. Stick with me, and the effectiveness of your phishing defense programs could be changed for the better. … [Read more...] about Uncomfortable truth #4 about phishing defense
Intelligent Phishing Defense
Uncomfortable truth #3 about phishing defense
Part 3 of a 5-part series. In part 1 and part 2, we discussed the Uncomfortable Truths that no matter how good your perimeter controls, malicious emails still reach the inbox, and that security teams cannot defend against attacks they cannot see. While some still hold next-gen technologies in almost exalted status, many organizations are beginning to accept that phishing … [Read more...] about Uncomfortable truth #3 about phishing defense
Phishing: Think like a cybercrook
Phishing attacks rely on a single moment of inattention or ignorance. Follow a link and the results are front-page news. A strategy for combating these attacks on multiple fronts is vital. Alan R. Earls reports. Phishing is one of the original forms of cybercrime and yet it still wreaks havoc. Witness the persistence of variations on the Nigerian prince email as an example. … [Read more...] about Phishing: Think like a cybercrook
Q&A: Understanding social engineering
In our inaugural Q&A column, Tonia Dudley, Cofense Director, Security Solution Advisor, looks at some of the basics of overcoming a spear-phishing social engineering threat. Q: SC Media: Phishing is considered a subset of social engineering, where an attacker wants you to trust them with important information. Social engineering takes on a lot of different … [Read more...] about Q&A: Understanding social engineering
Uncomfortable truth #2 about phishing defense
Part 2 of a 5-part series. In part 1, we explored the uncomfortable truth that no matter how good your perimeter controls, malicious emails still reach the inbox. While security technologies do a great job of telling us about the attacks they have stopped, they do a poor job of telling us about the threats they have let through. This segues nicely into: Uncomfortable … [Read more...] about Uncomfortable truth #2 about phishing defense