make a good business better

Blog Information Security

Print Divider Print Divider Branding
 

Develop an Anti-Phishing/Malicious Email Strategy

01/05/2017

Share

Social Logo Social Logo Social Logo Social Logo

By Ty Tyra, guest blogger

LBMC Information Security is offering this seven-part series and the recommendations therein as guidance that can help fortify the defenses behind your border. These are designed to build additional layers of defense and remind IT leaders not to neglect the fundamentals. The series will be posted on a weekly basis and consists of the following topics:

Last week, we looked at the benefit of controlling which applications can run on an organization’s endpoints. This week, we examine the need to craft strategies to combat phishing and malicious emails.

Develop an Anti-Phishing/Malicious Email Strategy

As stated in the introduction to this series, the bad guys understand that many organizations have successfully hardened their perimeter security these days. The key is finding a way around the hard exterior shell. One of the primary vectors of accomplishing that is via attacks on the end user leveraging email. Since the use of email is a legitimate business process and the perimeter controls must allow email traffic, malicious actors use it to get past the organization’s well-defended border. Such attacks are manifested as phishing attempts aimed at capturing credentials or infecting a user’s machine via malicious links or an attachment.

Because of the prevalence of this type of attack, developing an anti-phishing strategy is a must. It begins with user education regarding these threats, along with regular testing and reinforcement of that education. Internal campaigns that simulate phishing and malicious emails are an excellent way to gauge the awareness of an organization’s user population to such threats. Develop metrics that track the percentage of successful simulated phishing attacks over time. The goal is to educate employees well enough so that this percentage consistently decreases over time.

If possible, leverage inline solutions that proactively identify and quarantine such email threats before they reach a user’s inbox. This is an excellent tool in combatting large, organized phishing and malicious email campaigns. If available, use automated analysis of such threats to determine the external domains involved and block them with any Web proxy capability your organization possesses.

Finally, one of the most cost-effective methods of identifying these threats is simply to create a large, noticeable banner that identifies all externally originating emails as being from a source outside of your organization. With proper user education, this strategy can aid in identifying spoofed emails posing as company executives or people in positions of authority within the organization.

Our team at LBMC Information Security is equipped to assist you with a wide range of network defense services. Contact us today to learn more!