The Phishing Problem:
Phishing is an attempt to criminally and fraudulently
acquire sensitive information (such as usernames, passwords
and credit card details) by masquerading as a trustworthy
entity in an electronic communication. Phishing is typically
carried out by email, and often directs users to enter
details at a spurious website. Attempts to deal with the
growing number of reported phishing incidents include
legislation, user training, public awareness, and technical
measures. However, despite advanced filtering, better law
enforcement, greater efforts at user education, and other
measures, phishing reports have continued to increase.

The individuals behind phishing emails are typically
online criminals. They send out millions of these messages
in the hope that a few recipients will act on them and
provide their personal and financial information. Anyone
with an email address is at risk of being phished. Any email
address that has been made public on the Internet (for example
by posting in forums, newsgroups or on a website) is more
susceptible to phishing, as the address can be harvested by
spiders that search the Internet and grab as many addresses as
they can. This is why phishing is profitable: Internet fraudsters
can cheaply and easily access millions of valid email
addresses to send these scams to.

Online criminals are increasingly turning to targeted phishing
attacks, also called spearphishing, where a specific organization
or group of individuals is singled out. The scammers rent or
steal lists of valid email addresses for a target organization
or group, and then create plausible emails using social engineering
that are likely to lure their recipients into supplying personal
data. In addition to soliciting login information, targeted
phishing emails can also deliver malware – for instance, keystroke
logging programs to track everything the victim types. Ultimately,
when targeted phishing succeeds, it has the potential for a
bigger payoff – making the criminals’ incremental investment
worthwhile.

Targeted phishing attacks require criminals
to efficiently build appropriate resources and trick victims
into revealing valuable private information.

Mitigating the threats posed by phishing requires a layered
approach to Internet and communications security. Employing
a combination of solutions-based, policy-based and behavioral-based
controls can drastically reduce organizational vulnerabilities.
As security is a never-ending race against threats, it is important
to analyze existing security infrastructure on a regular basis.
When choosing a technology to assist in the prevention and mitigation
of phishing and other attacks, few things are as important as
how often the technology updates itself. Threats are dynamic
and evolutionary. The minute one is dealt with, another is on
the rise.

The IronPort Solution:
As a member of the Anti-Phishing Working Group (APWG), IronPort
Systems is dedicated to addressing the threat of phishing. IronPort
gateway security appliances provide the first line of defense
in a comprehensive security approach to combat phishing. Anti-phishing
features on these appliances detect current phishing attacks,
enabling organizations to protect their employees. Phishing
techniques, which are continuously evolving, often thwart traditional,
reactive security defenses. IronPort technology automatically
adapts to new threats as they appear, proactively identifying
them and ensuring that companies no longer have to be constantly
watching for and recovering from these expensive attacks.

Utilizing data from IronPort's SenderBase Network, IronPort
technology examines the complete context of a message, including:
"What" content the message contains, "How" the message is constructed,
"Who" is sending the message, and "Where" the call to action
of the message takes you. By combining these elements, IronPort's
anti-phishing features go far beyond competitive solutions to
stop the broadest range of threats with industry-leading accuracy.

IronPort appliances provide a multi-layered approach to address
phishing and other Internet threats. IronPort appliances have
multiple built-in anti-phishing features, including:

IronPort technology is a truly effective solution, providing
both proactive and reactive protection against phishing. Measures
such as DKIM signing of email clearly identify mail sent from
your organization, while automatic updates to signature files
and preventive security defenses consistently provide the latest protection and information on
emerging threats. IronPort products can support and protect
your infrastructure - not only from today's threats, but from
those certain to evolve in the future.

Documentation:

Download the IronPort Targeted Phishing Data Sheet (PDF).