It’s why awareness training will never be good enough. And it’s why the best phishing protection technology may always fall a little short. The truth is, some of the best and brightest minds around are using their smarts to come up with more clever and more undetectable phishing exploits. It’s a technological arms race, and maybe the best you can ever hope for is a tie.
As noted on the Dark Reading website, “The growing sophistication of tools and techniques for protecting people against phishing scams is forcing attackers to adapt and evolve their methods.”
The article goes on to say “phishing attacks are becoming increasingly polymorphic. Rather than using a single URL, IP address, or domain to send phishing emails, attackers last year began using varied infrastructure to launch attacks, making them harder to filter out and stop.” To compound matters, many attacks only last a few minutes.
Phishing attacks are also getting really smart. According to the Center for Internet Security, one of the newer phishing technologies is known as trickbots. “A trickbot is a modular banking trojan that targets user financial information and acts as a dropper for other malware.” These trickbots are sophisticated enough to run checks to ensure they’re not in a sandbox environment and then they attempt to disable antivirus programs.
New phishing exploits are constantly being developed too. According to Chris Young, CEO of McAfee, “zero-day attacks, which by definition are threats that haven’t been encountered previously, have now gone from being the exception to the norm. Now, when an attack is launched, it is with a completely new set of IP addresses, with a new variant of the malware, etcetera, in their effort to avoid detection.”
It’s why awareness training company KnowBe4 says Phishing Emails Will Always Get Through. According to the post, “Technical defenses are almost always one step behind new attack methods, so the malicious email as an attack vector isn’t going away anytime soon.”
Unfortunately, the payoff from these attacks justifies the intellectual capital investment of the hackers. Don’t expect the attacks to stop any time soon. So, how do you try and defend yourself and your company from this never-ending evolution of threats?
You do what the big boys do. You use a technique known as defense-in-depth. Defense-in-depth uses a layered approach to phish protection. In other words, the more hurdles you put up the better.
Should you have employee awareness training? Yes. Should you have endpoint protection? Yes. Should you have antivirus and anti-spam protection? Yes. Should have dedicated, cloud-based phish protection technology? Yes.
One of the most important pillars of defense-in-depth is cloud-based phish protection technology. It takes phishing protection out of the hands of distracted employees and uses the latest technology to scan the underlying HTML for exploits. But, for it to be effective, it must operate in real time.
Cloud-based phish protection technology must not only include real-time link click protection, but it must continually feed the data it uncovers back to the list and data providers in real time. This positive feedback loop gives cloud service providers the ability to detect new threats in as little as a few seconds after the outbreak. This is why real-time phish protection service providers are more effective at protecting against zero-day exploits.
The only way to defend yourself from state-of-the-art phishing threats is with state-of-the-art phishing protection technology. When you’re ready to make that happen, head on over to our phishing protection service and try it risk free for 30 days.