Spoofing and Spear Phishing | Traditional Solutions are Not Enough

Receiving spoofed emails is irritating and inconvenient, but such emails are generally easy to
identify and recipients delete them, which makes them a nuisance but practically harmless. But
cybercriminals don’t stop at spoofed emails. They are constantly trying to improve their tactics,
and businesses need to keep pace. When cybercriminals craft targeted spear phishing emails,
spoofing can become a potentially dangerous event.

Despite the overall decrease in the volume of spam reported, the number of spear phishing attempts
has increased dramatically, pushing spear phishing to top of mind for IT professionals. With the
increase in hyper-personalized spoofed emails, the question remains: whose responsibility is it to
prevent spear phishing attacks from succeeding, the employees' or the organization's?

Many individuals think that the onus of preventing cyber attacks, including spear phishing attacks,
rests on the employees, not the organization. However, this stance is a dangerous one to take;
employees cannot solely be held responsible for successful spear phishing attacks.

Underestimating cyber criminals can be very costly to business operations; the responsibility to
keep an organization’s assets safe does not fall on its employees. The fact is there are solutions
available and precautions organizations can take to minimize the spear phishing attacks seen by
employees.

The basic anatomy of all spear phishing attempts includes a call to action; the recipient is
prompted to click on a link, call a number, or open an attachment. Spear phishing attacks are
generally executed at the end of the quarter in the evening and are constructed in a way that
requests the recipient to act. The uncanny (and well thought out) timing, coupled with spoofing, or
the attacker pretending to know the individual, makes spear phishing emails a viable threat to an
organization.

There are five steps organizations can
take now to minimize targeted attacks:

  • Accept that both the organization
    and its employees are probable targets. Then take the proper precautions; research email spoofing
    solutions that will work well with the organization.
  • Beware of links. A spear phishing attack is highly likely to use a link, which downloads
    potentially dangerous malware; this risk can be mitigated using commercial software
    available today.
  • Education. While email security
    solutions are necessary, so is educating employees to minimize human error. There are firms that do
    this for companies and have remediation programs that can be used in the fight against these
  • Use messaging intelligence.
    Organizations can build this internally and there are solutions available. These solutions usually have
    access to black lists and other resources that internally developed systems might not have.
  • Turn up the volume. Well, maybe not
    the volume per se, but turn up the sensitivity of the spam filters. Many organizations have
    multiple spam filters that use different data repositories and algorithms to stop these malicious
    attacks. Deploying a whitelist service in tandem with increasing the spam filter sensitivity
    will provide comprehensive support.

There are solutions available today that can fight against spoofing, provide messaging intelligence
and authenticate the integrity of the email senders. With solutions like these available,
organizations have no excuse for not taking the first step in preventing malicious emails from
ending up in employees’ inboxes. The responsibility resides on organizations to implement proper
security solutions and educate employees to effectively combat spear phishing attacks.

By Michael Knight, VP Solution Services

Michael Knight works as a senior
architect and technology advisor with responsibility for ensuring successful TrustSphere implementations.
He works closely with customer and partner accounts in various industries such as financial
services, banking and insurance. Prior to joining TrustSphere, Mr. Knight was at Cassatt, where he worked
in the office of the CTO, leading technical teams for the creation of
private clouds within some of the largest data centers in the world.
Mr. Knight has nearly 20 years of history working in IT software and
infrastructure management, leading senior solutions architect and
residing on technical teams working with the five largest banks in
the world and the four largest insurance carriers in the U.S. Working
closely with CTOs and in various leadership roles, Mr. Knight has
focused his career on early stage software technologies surrounding
security and standards based application development using Java and
newer development paradigms including Service Oriented Architectures.
Mr. Knight holds a B.S. in Electrical Engineering from Boston
University and an M.S. in computer science from MIT.
