Part 4 of a 5-part series. I’m not going to beat around the bush here. Uncomfortable Truth #4 is quite simple: Users are NOT the problem. There. I said it. If this statement seems at odds with your current thinking, don’t close this browser window just yet. Stick with me, and the effectiveness of your phishing defense programs could be changed for the better. … [Read more...] about Uncomfortable truth #4 about phishing defense
Features
Uncomfortable truth #3 about phishing defense
Part 3 of a 5-part series. In part 1 and part 2, we discussed the Uncomfortable Truths that no matter how good your perimeter controls, malicious emails still reach the inbox, and that security teams cannot defend against attacks they cannot see. While some still hold next-gen technologies in almost exalted status, many organizations are beginning to accept that phishing … [Read more...] about Uncomfortable truth #3 about phishing defense
Phishing: Think like a cybercrook
Phishing attacks rely on a single moment of inattention or ignorance. Follow a link and the results are front-page news. A strategy for combating these attacks on multiple fronts is vital. Alan R. Earls reports. Phishing is one of the original forms of cybercrime and yet it still wreaks havoc. Witness the persistence of variations on the Nigerian prince email as an example. … [Read more...] about Phishing: Think like a cybercrook
Q&A: Understanding social engineering
In our inaugural Q&A column, Tonia Dudley, Cofense Director, Security Solution Advisor, looks at some of the basics of overcoming a spear-phishing social engineering threat. Q: SC Media: Phishing is considered a subset of social engineering, where an attacker wants you to trust them with important information. Social engineering takes on a lot of different … [Read more...] about Q&A: Understanding social engineering
Phishing: The next generation
Make no mistake — phishing attackers are getting smarter all the time. Well, some of them, at least. We still see the poorly written phishing emails but those are easy to filter out. But SC Media has heard of cases where attackers have created long, fake email chains where the attacker pretends to be a company employee where they request money to be transferred or documents to … [Read more...] about Phishing: The next generation