In times of turmoil we turn to trusted agencies and partners to help us navigate uncertainty. Malicious actors have exploited this instinct, impersonating and spoofing some of these agencies. Take the spoofing of the World Health Organisation in April. At a time when the world was looking for guidance and unity in strategy, malicious actors spoofed their exact domain to extort donations and sensitive information – see more here.
Combine the misuse of a trusted name with being unable to turn to a colleague and ask “does this look real?” and we find ourselves in an uncomfortable position with a lot of uncertainty. Malicious actors are taking advantage of that uncertainty and reaping the reward, with 58% of businesses reporting an increase in phishing volume. The “does this look real to you?” question has also led to phishing emails spreading internally: 60% of organisations reported threats that were passed around internally, likely due to staff wanting to pass on what they thought was “key information” or internal Covid policies. See some more insights on the Mimecast infographic here.
Bolstering our phishing defences is critical, but so is assessing the risk facing users during their web browsing. When looking at protecting our domains and email identities, do we have public DMARC, DKIM and SPF records published to prevent what happened to the World Health Organisation happening to us? It’s worth noting that since the incident, the World Health Organisation has implemented DMARC records and is now protected against exact domain spoofing going forward.
Are we still training our users and giving them the confidence they need to deal with security incidents and prevent attempts to deceive them? With classroom training becoming harder for firms to deliver, the move to online module-based learning and testing is a paradigm shift. We find that short, sharp, informative training delivered in a variety of styles yields the culture change that is essential to changing behaviours.
Saepio recommend reading the Mimecast “State of Email Security 2020” report to learn how other companies have been affected in the first half of 2020 and how they’ve mitigated some of these attacks.