Possessing a strong defense against cyber attacks is essential when running a corporation. A single attack can steal financial information from millions of clients, crash a network and lock administrators out of their own servers. A large enterprise can invest hundreds of thousands of dollars (if not more) in cyber defenses, yet it all comes crashing down when an employee opens an email about how to reverse hair loss. A phishing attack is one of the most common ways that malware, spyware and other external threats gain access to a network, and yet it is also one of the easiest to avoid. Because a company's Internet security is only as strong as its weakest link, it is vital to understand why employees are the weak link in a company's cyber defenses.
What is a Phishing Attack
A phishing attack shares its name (although not the spelling) with fishing for one simple reason: something attractive is dangled in front of someone to see whether anyone will bite, yet the attractive object turns out not to be what it seemed.
A phishing attack itself is a scam, typically perpetrated through a fraudulent email. The email promises a desirable service or product in exchange for some action on the recipient's part. This can range from providing a bank account number or Social Security number to simply clicking a link embedded in the email message. These kinds of attacks were made famous by messages stating that a Nigerian prince wanted to bestow millions of dollars on the recipient, who needed only to supply a bank account number for the wire transfer. Phishing scams have evolved greatly since those early days, yet the idea remains the same: to obtain confidential information or to gain access to an organization's internal network (Indiana University, 2017).
The History of Phishing Attacks
Spam messages existed well before the creation of the Internet. However, the first known phishing attack over the World Wide Web took place in the mid-1990s using America Online's instant messenger service (AIM). While not the first instant messenger service, AIM grew exponentially in popularity before the era of social media. A phishing attacker would send recipients either an IM or an email to their AOL account requesting their AOL password, and the message was typically designed to look like an official AOL account notice. The first phishing attacks used the stolen account information to spam further users; in terms of identity theft or loss of vital information, these attacks proved to be minor inconveniences.
As is the case with most Internet scams, obtaining AOL passwords proved to be the tip of the iceberg. Once scammers saw that they could harvest passwords, they moved on to sending messages claiming that individuals needed to update their billing information to keep their account active. This often required a user to provide not only credit card information but also routing and Social Security numbers (Symantec Corporation, 2017).
In the early years of phishing scams, most remained relatively amateurish, making fraudulent IM messages and emails easy to identify. Since then, phishing attacks have become far more sophisticated at fooling recipients into handing over financial information, mostly by replicating the appearance of emails from major corporations such as Apple, Amazon and Google. Protecting an office network from such phishing scams remains a high priority, yet most defensive principles must begin with employees remaining vigilant about what they open and access (even with help from an IT admin who blocks certain websites and non-work-related email accounts) (Symantec Corporation, 2017).
Attacking the Weakest Link
Apart from cyber criminals who go after extensively protected network infrastructure simply to test their hacking skills, most focus on the weakest link in cyber security. Punching holes through one defensive wall after another is time-consuming and difficult, even for the most talented hackers, which is why the weakest link in a network's security is targeted. An employee's email address is relatively easy to obtain: sometimes simply browsing a company website for contact information provides it, and even basic reconnaissance can turn up the email address of everyone working at the company. Sending messages to an email account takes no special talent. In fact, it is possible to outsource the creation of these messages or to use a phishing kit, which makes it easy to produce near-identical copies of corporate emails. All the cyber criminal needs to do is get the message past the spam filter on the recipient's mailbox. Once past the spam filter, all that is required is for the employee to open the email and follow the embedded link, which may provide an open door for the scammer into the network.
Basic Security Features Begin With Educating Employees
Without diving too deep into available security features for preventing a phishing attack (more on this in an upcoming post), educating employees and setting up some basic security features can go a long way in ensuring scammers are not able to push their way through into the network via an employee email.
All employees need to be educated on which kinds of messages are safe to open. Blocking access to personal email accounts can greatly reduce the chance of external threats worming their way into the network. Setting up an individual spam filter on each computer is also a valuable addition, protecting employees by preventing them from ever receiving these fraudulent email messages. Localized spam filters improve the chances of catching a phishing attack compared with maintaining a single spam setting for the entire network.
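As an added example (not code from the original article), the following Python script shows the kind of checks a per-mailbox filter can run before a message reaches an employee: a display name that claims a well-known brand while the sender address belongs to a different domain, the "update your billing information" style of urgency wording described above, and a link whose visible text shows one domain while its href points to another. The two messages, the brand table and the keyword list are all constructed for this demo and are assumptions, not data from the article; the .example domains are reserved names.

```python
import email
import email.utils
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample messages (not real mail): one mimics a billing-update lure,
# the other is an ordinary internal notice.
SAMPLE_PHISH = """\
From: "Amazon Billing" <billing@amaz0n-verify.example>
To: employee@corp.example
Subject: Action required: update your billing information
Content-Type: text/html

<html><body>
<p>Your account will be suspended unless you verify your billing information.</p>
<p><a href="http://login.amaz0n-verify.example/update">https://www.amazon.com/billing</a></p>
</body></html>
"""

SAMPLE_CLEAN = """\
From: "Payroll Team" <payroll@corp.example>
To: employee@corp.example
Subject: Q3 schedule
Content-Type: text/html

<html><body>
<p>The Q3 timesheet schedule is on the intranet.</p>
<p><a href="https://intranet.corp.example/schedule">https://intranet.corp.example/schedule</a></p>
</body></html>
"""

# Assumed brand-to-domain table: a display name mentioning the brand should come
# from that brand's domain. A real filter would use a maintained list.
KNOWN_BRANDS = {"amazon": "amazon.com", "apple": "apple.com", "google": "google.com"}
# Assumed urgency / credential-request phrases typical of billing-update lures.
URGENCY_WORDS = ("suspended", "verify", "update your", "action required", "confirm your")


def registrable(host: str) -> str:
    """Crude 'registrable domain': the last two labels of a hostname.
    Sufficient for the demo; production filters use the Public Suffix List."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def phishing_indicators(raw_message: str) -> list:
    """Return a list of human-readable findings; an empty list means nothing flagged."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # 1. Display name claims a known brand, but the address domain is not that brand's.
    display, addr = email.utils.parseaddr(str(msg["From"]))
    sender_domain = registrable(addr.rsplit("@", 1)[-1])
    for brand, domain in KNOWN_BRANDS.items():
        if brand in display.lower() and sender_domain != domain:
            findings.append(f"display name mentions {brand!r} but sender domain is {sender_domain}")

    # 2. Urgency / credential wording in the subject or body.
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    haystack = str(msg["Subject"] or "").lower() + " " + text.lower()
    hits = [w for w in URGENCY_WORDS if w in haystack]
    if hits:
        findings.append(f"urgency wording: {', '.join(hits)}")

    # 3. Link text shows one domain while the href leads somewhere else.
    collector = _AnchorCollector()
    collector.feed(text)
    for href, label in collector.anchors:
        href_host = registrable(urlparse(href).hostname or "")
        label_host = registrable(urlparse(label).hostname or "") if label.startswith(("http://", "https://")) else ""
        if label_host and href_host != label_host:
            findings.append(f"link text shows {label_host} but href points to {href_host}")

    return findings


def is_suspicious(raw_message: str, threshold: int = 2) -> bool:
    """Quarantine decision: flag when at least `threshold` independent indicators fire."""
    return len(phishing_indicators(raw_message)) >= threshold


if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("clean", SAMPLE_CLEAN)):
        print(name, is_suspicious(sample), phishing_indicators(sample))
```

Requiring two independent indicators before quarantining keeps a single urgent-sounding internal notice from being blocked, while the link-text mismatch alone is usually worth surfacing to the user even below the threshold.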
Some employees may attempt to adjust their spam filters, which is possible when workstations grant users local administrator rights. However, an IT security team can remove these local admin rights from every user workstation. Without local admin rights, a user cannot alter settings or make changes that put the entire network at risk of an external attack. Implementing these kinds of security upgrades not only reduces the chance of being hit by a phishing attack but also reduces the chance of another Internet attack striking the local computer because of changes made by an end user. This should become standard security protocol (Tennessean, 2015).
Phishing attacks have affected tens of millions of Internet users over the years. It is impossible to put an exact number on these attacks, as not everyone reports them (or even knows they were hit). However, according to a 2015 Kaspersky Labs report (Infosec Institute, 2017), anti-phishing software was triggered nearly 31 million times in a single year. Protecting an entire network begins with company employees and their avoiding these dangerous emails and phishing websites. While employees are likely the weak link in cybersecurity, teaching them how to recognize and avoid a phishing attack, combined with additional security measures, can reduce the potential for an external attack on the internal network infrastructure.