Phishing is one of the most potent and most commonly tried internet scams of recent times. In phishing, the attackers attempt to trick a potential victim to provide sensitive personal data or information involving fraudulent websites and emails that mimic legitimate ones (both websites and emails). The users become vulnerable when they fail to discriminate between legitimate and malicious emails and thus become subject to identity theft and fraud. For the user, this may mean great financial risks, even losses through fake transactions, but it can also mean stolen personal information that may be used for the personal gain of the attacker. Such stolen information is not only a risk to the user, but put a financial institution at great risk through large numbers of fraudulent transactions. This process, nicknamed phishing, can also install ransomware and other illegal software in the system without the user’s knowledge in order to continuously steal information from the computer or the user. In understanding this concept, it is important to make a clear distinction between spam and phishing. Although they’re both harmful to the user, phishing is considered to be a much more serious threat considering that it involves identity theft, fraud, and ransomware.

Exactly How Does Phishing Work?

Phishing is often associated with emails that mimic the structure, design, and behavior of another website: usually a bank, a credit card company, or any business that requires personal information to fulfill its end task. However, the emailing is just the beginning of the phishing process. In short, phishing is a process that involves planning, setting up, attacking, and collecting, with the end result being identity theft and fraud.

  • In the planning phase, the attacker, or the phisher decides which business or company to target and develops a list of emails that that business might use, often known as subscribers. At this point, the collection of the emails is similar to the lesser evil that is spam.
  • In the setup phase, the phisher develops a way or methodology of delivering the fraudulent message in order to most efficiently collect a user’s data. In large part, this involves setting up the email address and the webpage, both of which mimic the targeted business.
  • In the attacking phase, the phisher sends the message, making it look as reputable as possible, in order to sway the user into giving personal information.
  • In the collection phase, the phisher will record the information which is being entered into the fake website, which is their website, and collect it for personal use. At this point, the users has already become a victim to the phishing attack because his or her information is out there in the virtual world and free to be misused by the attacker or phisher.
  • Finally, the most crucial phase is what the attacker decides to do or not do with such information. For some, this may involve simple purchases and transactions made through different addresses, but in heavier and more serious cases it will involve a deeper identity theft and fraud. Statistics say that a fourth of the victims who fall prey to phishing attacks never fully recover from it.

How Can You Get Anti-phishing Help?

Just as there are technologies used by the attacker to commit phishing attacks, there are also technologies, both software and hardware, that help against falling prey to phishing attacks. In today’s technologically advancing world, such software goes beyond a simple anti-spam firewall. The main difference between phishing help from software and hardware is that software usually has to be installed in individual PCs, whereas the hardware can just be plugged into the network to protect a specified number of computers.

Anti-phishing help: Software

  • modusCloudthe generic IP filtering engines: It attempts to detect emails that target the user by mimicking high-level corporates and executives as well as detect look-alike domains. For example, a domain with the letter ‘l’ (lowercase L) may instead mimic it by replacing it with an ‘I’ (capital I). The software also goes a step further and provides a plugin exclusive to Microsoft Outlook, named “directQuarantine,” which gives the user a clear view of their quarantined files, which can then be deleted with the touch of a button. Through the plugin, users can also directly report emails to Vircom and instantly re-label emails that may have been wrongfully quarantined.
  • Swordphish is a ReST-based API created by EASYSOLUTIONS that uniquely allows the insertion of intel into already-existing anti-fraud systems by providing classifiers that make distinctions between good and bad domains. In concept, this technology has been existent for years whether it is part of a spam firewall, proxies, filters, etc., but these tools are always backward-looking. In other words, they learn from attacks that have already happened and focus on blacklisting. Instead, Swordphish focuses on predictive technology through its three discrete classifiers programmed to understand and point out phishing and domain generating malware. Without getting into too much technical detail, Swordphish is able to extract features from millions of domains, to distinguish between good and bad, without looking further into the domain in the DNS or requiring support in an external environment. Swordphish is extremely fast with a time of 10 milliseconds per search and a measured accuracy of 95% in classifying URLs.

Anti-phishing help: Hardware

  • WebTitan Gateway is a filtering hardware appliance, which, beyond the typical phishing and fraud protection, also offers spyware and malware protection, an anti-virus, and inspection for your SSL/HTTPS. What’s more, it can be integrated into your corporate network either as a hardware appliance or as software. WebTitan was developed by TitanHQ, a company with two decades of experience in security software and hardware and with the aim of serving large corporations with thousands of users and a seamless integration into an existing network. Some features that WebTitan offers are a proxy cache, integration with your current directory, transparent proxy options, and automated updating and backups. As a company, it is trusted by over 6500 businesses, making it one of the main go-to software and hardware companies for your business needs.
  • Protector P500 is another solution against phishing attacks. It was developed by Secpoint, which automatically updates its appliances multiple times a day to prevent passage of phishing attacks. It offers various security modules based on your needs, starting with hardware for 50 users for a small network, 50-500 users for a middle-sized network, and over 1000 users for corporate-level networks. Its anti-phishing system can warn users of phishing attacks in real time while the appliance also offers spyware protection. Furthermore, it comes with a quick wizard setup that allows quick installation in any network.
  • ESA C690X, developed by the world famous tech giant CISCO, is only the latest model offered as a hardware-type deployment option, while other possibilities can also include virtual, hybrid, and cloud deployment. Unlike other modules, the ESA C690X is specifically for email protection, making it one of the best options in the eyes of any client. Furthermore, it is directly connected to Cisco Talos, the leading threat detection networks that provide protection before, during, and after cyber-security attacks; currently, it monitors 35 percent of the world’s enterprise email traffic and provides non-stop monitoring of global traffic activity.

Anti-Phishing for Your Corporation

Choosing the right hardware and software for your business, corporation, or network largely depend on the type of business you’re in, the size of your network, and your priority towards cyberthreats. With much software and hardware to choose from and constantly evolving cyber-security threats, it is safe to say that phishing will remain a problem in the foreseeable future. In principle, it is not hard to choose the right appliance for your cyber-protection because, in the end, the right appliance is not worth it if the correct mindset toward phishing attacks is not adapted by the corporation as a whole. One of the most important tools suggested by many security firms is that communication within the company or business is key to detecting phishing attacks: A phisher will most likely attack an easy target, so become a tougher target by achieving better accountability, educating your business and customers regarding phishing attacks, and following ethical procedures when using your corporate email. By becoming informed and educated about the threat, your business and its employees also become more aware when using their email, regardless if they are at home or at work. Thus, choosing the right wares for your business needs highly depends on the people that make up your organization.

Security Awareness

Conclusion

To conclude, anti-phishing hardware and software come in handy to prevent most of phishing attacks because they can detect a fraudulent email or website even when consumers fail to do so. They can protect consumers by not allowing access to spurious emails and website links. However, no such programs are foolproof and education still remains the most potent weapon to deal with phishing attacks. The final technological solution to prevent phishing activities involves considerable changes in the infrastructure of the Internet. But this is beyond the capability of any one organization or consumers in general. Taking some essential steps may still reduce the vulnerability of the consumers when subjected to phishing attacks. Every organization and all consumers should deploy available technologies to protect themselves from such attacks.

 

References:

http://computer.howstuffworks.com/phishing.htm

https://www.vircom.com/modusgate/

https://www.easysol.net/swordphish

https://www.titanhq.com/documentation/Titan_HQ_WebTitan_Gateway_Datasheet.pdf

https://www.secpoint.com/press-release-protector-utm-anti-phishing.html

http://www.cisco.com/c/en/us/products/collateral/security/email-security-appliance/data-sheet-c78-729751.html

Be Safe

Section Guide

Aroosa
Ashraf

View more articles from Aroosa

SecurityIQ has published a number of videos on social engineering and phishing. You can sign up for a free account to browse their resources and test how phishing savvy you really are.

Section Guide

Aroosa
Ashraf

View more articles from Aroosa
[i]
[i]