The Phishing Problem:
Phishing is an attempt to criminally and fraudulently acquire sensitive information (such as usernames, passwords and credit card details) by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by email, and often directs users to enter details at a spurious website. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures. However, despite advanced filtering, better law enforcement, greater efforts at user education, and other measures, phishing reports have continued to increase.
The individuals behind phishing emails are typically online criminals. They send out millions of these messages in the hope that a few recipients will act on them and provide their personal and financial information. Anyone with an email address is at risk of being phished. Any email address that has been made public on the Internet (posted in forums, in newsgroups or on a website) is more susceptible to phishing, as the address can be saved by spiders that search the Internet and grab as many addresses as they can. This is why phishing is profitable: Internet fraudsters can cheaply and easily access millions of valid email addresses to send these scams to.
Online criminals are increasingly turning to targeted phishing attacks, also called spearphishing, where a specific organization or group of individuals is singled out. The scammers rent or steal lists of valid email addresses for a target organization or group, and then create plausible emails using social engineering that are likely to lure their recipients into supplying personal data. In addition to soliciting login information, targeted phishing emails can also deliver malware – for instance, keystroke logging programs to track everything the victim types. Ultimately, when targeted phishing succeeds, it has the potential for a bigger payoff – making the criminals’ incremental investment worthwhile.
Mitigating the threats posed by phishing requires a layered approach to Internet and communications security. Employing a combination of solutions-based, policy-based and behavioral-based controls can drastically reduce organizational vulnerabilities. As security is a never-ending race against threats, it is important to analyze existing security infrastructure on a regular basis. When choosing a technology to assist in the prevention and mitigation of phishing and other attacks, few things are as important as how often the technology updates itself. Threats are dynamic and evolutionary. The minute one is dealt with, another is on the rise.
The IronPort Solution:
As a member of the Anti-Phishing Working Group (APWG), IronPort Systems is dedicated to addressing the threat of phishing. IronPort gateway security appliances provide the first line of defense in a comprehensive security approach to combat phishing. Anti-phishing features on these appliances detect current phishing attacks, enabling organizations to protect their employees. Phishing techniques, which are continuously evolving, often thwart traditional, reactive security defenses. IronPort technology automatically adapts to new threats as they appear, proactively identifying them and ensuring that companies no longer have to constantly watch for and recover from these expensive attacks.
Utilizing data from IronPort's SenderBase Network, IronPort technology examines the complete context of a message, including: "What" content the message contains, "How" the message is constructed, "Who" is sending the message, and "Where" the call to action of the message takes you. By combining these elements, IronPort's anti-phishing features go far beyond competitive solutions to stop the broadest range of threats with industry-leading accuracy.
IronPort appliances provide a multi-layered approach to address phishing and other Internet threats. IronPort appliances have multiple built-in anti-phishing features, including:
- IronPort Reputation Filters
- IronPort Anti-Spam
- IronPort Web Reputation technology
- Email Authentication via DomainKeys Identified Mail (DKIM) signing and verification
- IronPort Bounce Verification
- IronPort Email Encryption
- IronPort Anti-Malware System
IronPort technology is a truly effective solution, providing both proactive and reactive protection against phishing. Measures such as DKIM signing of email clearly identify mail sent from your organization, while automatic updates to signature files and preventive security defenses consistently provide the latest protection and information on emerging threats. IronPort products can support and protect your infrastructure, not only from today's threats but also from those certain to evolve in the future.