General information:

 

Probably everyone has already heard of phishing. However, few people realize how real this threat is and how large its scope. The turnover of phishing, that is, its so-called revenue, runs to millions of dollars a month on a global scale.

 

It is difficult to make accurate calculations, because in addition to access to corporate networks and the loss of confidential and commercial information, companies suffer many collateral losses: reputational damage and loss of customer trust, a compromised information security perimeter, and sometimes a ransom payment…

 

In more detail:

 

No matter how secure a system is, its weakness has long been known: the human factor.

 


 

Numerous studies conducted in 2020-21 by various information security agencies showed that phishing is a universal tool.

 

 

It was a real discovery that even information security officers open phishing links just as readily, and not a small share of them: up to 30%… In some cases they rely on their own competence and still miss a well-written letter that raises no suspicion at all.

 

Relevant:

 

The phishing system is complex. That is, it is an algorithm, each step of which can be tracked with the proper level of care. Unfortunately, the work of company employees is akin to a pipeline: a rapid sequence of information processing that was never designed to include control over the individual stages.

 


 

For example, when you receive a message, you can check a number of parameters that may cause suspicion. If nothing looks suspicious, open it, and be sure to check the type of link. Of course, this in itself is a non-trivial task for a layman. And the rest is clear: one wrong link, and the phishing goal is achieved…

 

Lyrical digression:

 

The methods of social engineering used by cybercriminals are extremely diverse and very effective. Take just one common model: a letter arrives at the accounting department with an attachment named “Company awards for the 4th quarter of 2020”. Immediately afterwards a second letter arrives, asking the recipient not to open the previous one and, better still, to delete it at once, since it was supposedly sent to the wrong place by mistake. What accountant will delete it without first looking at it out of pure curiosity?

 

And more:

 

The sites that phishing links lead to are, as a rule, made to the highest quality and are outwardly almost indistinguishable from the original. So far, the only way to protect the system from phishing is an advanced spam filter. This step gives a fairly high degree of protection. And, of course, so does information literacy training for company employees.

 


Copyright © 2015 - 2020 GPD Host All right reserved.