The security that you implement for your company can make the difference in the success of your business. It’s always best to get it right the first time, but unfortunately, that’s not always the case. In most cases, companies don’t start working on security logs until a situation has arisen.
Think of your organization as a medieval castle – if all the stones are in the right place, the castle is completely protected and cannot be demolished. But if even one stone is out of place, your entire castle can collapse, and your enemies will always be aware of it.
You always have to examine every single stone to make sure they are all in the right place while it is easy for the enemy to take them out. So take this opportunity to protect your company and customers.
Phishing – not the fun kind
Whether or not you’ve heard of phishing attacks or social engineering, you will be surprised how popular they are. Most targeted in 2021 Online industries The victims of attacks include financial institutions with 24.9%, social media with 23.6%, Saas / Webmail with 19.6% and payments with 8.5%. As technology advances, so are most phishing attacks. So what phishing attacks can you watch out for and what can you do to protect yourself?
Most phishing attacks are done via email. The attacker can impersonate either a person or an organization you work with, making it seem “normal” to you. Most of these attacks involve the intruder trying to trick you into clicking a link to either release malware on your device or trick you into entering personal information so that it can be stolen. Let’s see what email phishing and spear phishing are, and how to avoid them.
Email phishing scam
This type of attack is random and sent to thousands of people but tries to obtain personal and sensitive information. Since these attacks are random, the attacker knows almost nothing about the victim, which is a good opportunity for Script children to take control of these attacks.
Typically, you will receive an email from someone you don’t know and there will be a sense of urgency and a call to action in the subject line or body of the email to keep your account open. When you open this email you will see that it is addressed to you in general, not specifically, and will prompt you to open the attached link and enter personal information.
Once you enter your details, the attacker has all of your data and can use it on other websites, essentially creating a domino effect.
Spear Phishing Scam
Spear phishing, on the other hand, targets a specific person or organization. Because of the nature of these scams, the attacker needs to know more details in order to complete a successful attack. In these cases, the attacker impersonates someone inside the company so that the e-mail is output as “normal” and the recipient has to log in with credentials in order to view “company documents”. At this point, the attacker has personal credentials and can use them in other company files and programs and continue their attacks.
Unlike email phishing, which is mostly done by script kiddies, spear phishing attacks require more detailed information about the target and are therefore more commonly carried out by more professional hackers.
How to protect yourself
To minimize the chance of being hit by such attacks, for any suspicious email, try to contact the sender directly and find out if they sent the email, or check the website from which the email supposedly came to see if something was extraordinary.
Additionally, you can check the email address to see if it looks legitimate, i.e. use .com rather than .con. You can also hover over links or attachments in the email to see if the link looks legitimate. Finally, check the content of the email yourself. If you know that the email is general address and not personal to you, although in most cases it would be specific, you should be able to identify the email as a phishing attack .
If you see any of these situations, at least don’t click links or open attachments. In the event that the email comes from a system that contains sensitive information (e.g. payment platforms), it is better never to open links and instead navigate directly to the website and find the area manually within the platform .
In suspicious situations, send as much information as possible to your IT / security department and mark the email as spam. Going this route gives your teams the opportunity to be more aware of the situation and better plan the future.
Bug bounty programs
Bug bounty Programs are what they sound like – they are programs offered by many organizations to encourage hackers to report vulnerabilities and bugs rather than exploiting them. Hackers, also known as white hats, receive payment for reporting bugs. The key aspect of this program is that by finding bugs, websites and organizations can further improve their product before it is seen by the public and protect themselves better.
Ideally, it is best to run these programs before they go into production and become vulnerable to attack. While the reward for the White Hats may be great, it will undoubtedly be less than it would cost to fix a problem once the system is hacked. In most cases, it is cheaper to use bug bounty programs than waiting for a situation to occur.
Bug bounty programs are one sector of security protocols that can be implemented, but they shouldn’t be the only ones. Now is the time to understand what your company has implemented, and is that enough?
What is unique to your company?
The best way to avoid a security breach is to make sure that your system is unique to your company, and not mimicking what other companies in your industry are doing. Once a hacker understands what your competitors are doing, it will be easier (and more likely) for them to hack your system. So you want to implement individualized procedures. There are two solutions that you can follow:
- By creating signatures that target specific malware, companies are always on the alert as they will always focus on that malware version rather than the next one. You will constantly discover things that have hit others before you, but not when you are the first to be hit.
- By writing rules for the norm of your organization, you implement alerts that are sent when something deviates from the standard. This way you keep track of possible hackers trying to break into the system.
When setting up your company’s security program, consider how a hacker could get at your employees and your company. You want to do things differently on purpose, which makes it very difficult to hack the system. You should also consider proper network isolation, proper review of content (for and by users), and analysis that detects user behavior.
Now it’s important to mention that there may never be complete protection or a perfect solution, but you want to do the best job for your business. More importantly, you always want to be better than your neighbors – then you will at least be safer and better than your organization yesterday.
Where does your company stand?
Ultimately, according to security experts, there are two types of businesses – those who don’t know they’ve been attacked and those who do.
By implementing rules and warnings in your system that reflect the norm, you will always be informed of suspicious activity and will be able to spot it before it gets to later stages where it becomes more dangerous.
Knowing the norm in your company allows you to create rules and a warning will appear every time an instance outside of the standard occurs.
About the author:
Yuval Khalifa, Cyber Solutions Architect, Coralogix.