Protection Against Phishing
Internet Providers or ISP’s are considered to be the first line of defense against phishing attacks and the cyber criminals seem to be playing a ‘cat and mouse’ game to continually try to stay ahead of them. Those that specialize in ‘phishing’ have made a profession by emulating websites that are often trusted sources and by doing so, invite the user to send them personal information. ISP’s have been on alert with the development of an array of tools in an attempt to thwart the phishing efforts, but the general public as well as the corporate world, may not be aware of how these work and the role they need to play in combatting the attacks.
The ISP tools include a ‘blacklist’ of the known websites as well as emails with phishing content and are on constant watch to flag any messages that are suspect. Many of the ISP’s include a ‘warning’ to the recipient as well as totally blocking the delivery of the phishing emails. Each ISP posts the actions that they are taking to assist in protecting their customers, however, the wile and complexity of the phishing criminals seems to anticipate and move on to alternate attack methods. As in a game of cyber chess, once the crime has been detected, the villains have already put in place their next board move for continued attacks from a different front. The ISP’s also rely on incoming reports from their customers and not all individuals or companies are consistent or timely in their notification.
It appears that due diligence falls on the net security companies that specialize in maintaining up-to-date data to protect users. Symantec™, the well-known internet security company, released their Symantec Brightmail™ Anti Phishing report and stated, “In addition to implementing technology to help protect against malicious activity on the Web and email, organizations must educate their end-users on phishing to avoid the negative impact of being victimized. Phishing attacks present serious consequences for organizations including loss of data, financial losses as well as loss of brand due to the negative publicity associated with these cases. In today’s economic climate, companies can ill afford the loss of brand which ultimately can mean a shrinking customer base.”
Phishing and the various components of cyberattacks continue to expand on a global scale. The Symantec report included the fact that phishing attempts are being made to large organizations via SMTP. Through the use of their Global Intelligence Network “has monitored security devices which log up to 2 billion daily events, helping Symantec understand what threats are impacting our customers. In addition to that, 120 million virus submission systems provide insight into the latest threats, along 40 thousand sensors in over 200 countries which determine where threats originate and whether or not they are targeted or global.”
Sharon Knowles, CEO of Da Vinci Forensics says:
‘The concept of cyber hackers can no longer be considered a group of back room coders with minimal expertise. Today’s cyber criminals have developed their craft into a complexity that has never before been seen and have taken the attacks to an entire new level. As South Africa continues to expand into the global market, security and protection of both companies and their staff is the main focus at Da Vinci Forensics. Analysis, examination and consistency is needed to ensure personal and proprietary data is shielded.”
*** Sources***
Phishinginfo.org
Computerweekly.com
Symantec.com