Phishing is a huge threat. If you have been lucky enough not to fall victim to a phishing attack, then you are in a very small minority. Almost every organisation in the world is constantly attacked by cyber criminals looking to breach its systems and steal valuable information for ransom or other criminal ventures.

In this article we discuss phishing and what you can do to minimise the risk to your organisation via some tailor-made solutions.

What is phishing?

Phishing is a form of attack where cyber criminals try to get you to give up login details or install malicious software on your device. This is predominantly done via email, normally in the form of a fake message impersonating a huge company such as Microsoft, Apple or Amazon.

The email will tell you to log in and take you to a fraudulent landing page where you enter your details. The cyber criminals now have your login details, and many of them will then log you in to the real website so you won’t even know it has happened.

What are the different types of phishing?

There are three main types of phishing:

  • Blanket phishing – As discussed above, this is focused on mass emails impersonating big brands.
  • Spear phishing – More targeted than the blanket branded campaigns: the attackers use your name, email address, job title and other available information to make the email look more legitimate. For example, if you work in HR they could attach malicious software disguised as a CV or personnel file.
  • Whale phishing – A targeted campaign in which the attackers have singled you out as a valuable victim. They know your information and will use it to try to manipulate you, for example by sending an email that looks like it comes from your boss asking for information, or, if you work in finance, sending you a link to a fake invoice.

What are the risks of phishing?

Phishing is one of the most successful ways to hack an organisation. If a cyber criminal can get hold of some passwords, they can start to access your systems and data. Their ultimate goal is normally admin access, which gives them full control over your IT estate. With this they can start to encrypt, or copy and delete, your data and then hold you to ransom. Some attackers remove all access to your systems, giving them complete control.

The risk is that your business could be completely shut down, and you could be forced to pay a ransom or absorb the time it would take to rebuild from a backup or from scratch.

Solutions to protect against phishing

Phishing is a well-known attack vector, and as a result there are a number of things you can do to protect against it.

Firstly, it is worth mentioning some good practice that you can put into place to help protect against phishing:

  • Training – Train all employees on how to spot a phishing email and what to do if they receive one. This can be a huge step forward.
  • Admins – Admins should always have separate user and admin login details, to minimise the chance of accidentally using the admin credentials for day-to-day work.
  • Multi-factor authentication – By requiring another verification step you can vastly reduce the risk of a lost password in your organisation, as attackers will not be able to use a stolen password to access the system without also having access to your mobile device or email address. It is worth turning this on across as many systems as possible; if your system doesn’t have it, it may be possible to use Azure Active Directory MFA.

Microsoft Defender

Microsoft 365 Defender, part of Microsoft’s security suite, leverages the Microsoft 365 security portfolio to automatically analyse threat data across domains, building a complete picture of each attack in a single dashboard.

Microsoft Defender prevents a wide variety of volume-based and targeted attacks including business email compromise, credential phishing, ransomware, and advanced malware with the help of a robust filtering stack.

Microsoft Defender comes with some M365 and O365 bundles so you may already have access to it or a simple upgrade can bring this into your IT estate at a reasonable price.

Mimecast

Mimecast is a third-party application that protects your email. Once set up, Mimecast scans and assesses every email that comes into your organisation, and it also protects all inbound links and attachments. Via the Mimecast portal you can review any withheld emails and release them if you are expecting them. Mimecast is one of the market leaders in this space and our recommended anti-phishing solution.

Is your business adequately protected against phishing? If you would like to learn more about setting up Mimecast or Microsoft Defender or for a cyber security assessment, please contact us today.