Three Top Recommendations from Gartner's Latest Phishing Report

Phishing attacks are on the rise. In the first quarter of 2016, the Anti-Phishing Working Group (APWG) observed more phishing attacks than at any other time in history.

Gartner explores some possible reasons for this spike in its latest report on email fraud, "Fighting Phishing: Protect Your Brand." The report suggests that it is not that companies aren't doing anything to fight email fraud; it is that their defenses are limited in scope.

Most enterprises focus on behavioral management of employees, but the scope of phishing is much broader. Cybercriminals target customers and employees with highly sophisticated attacks that spoof a company's owned sending domains and impersonate its brand in other ways. Companies can no longer rely solely on customers or employees to be their first line of defense against email phishing attacks.

Below we examine three top recommendations from Gartner on how to mitigate phishing risks across internal and external environments.

1. Strengthen anti-phishing efforts by monitoring and reporting all active phishing attacks, both internal and external.
While monitoring for spear phishing emails targeting the enterprise is crucial, phishing attacks leveraging the brand are far broader than internal attacks alone. That’s why it’s important to monitor and report phishing attacks beyond your perimeter.

The technology required to scan, analyze, classify, and escalate messaging activity at this scale is beyond the capability of most enterprises. Working with a partner to identify and mitigate the full scope of phishing messages is the best way to defend your company.

2. Implement email authentication.
Email is inherently insecure: the Simple Mail Transfer Protocol (SMTP) was not designed to verify that a message really comes from the sender it claims. That's why companies must implement the email authentication protocols SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting and Conformance) on all of their domains. With strong email authentication, organizations can lock down their domains and prevent cybercriminals from stealing their corporate identities. As email receivers, including Gmail, Outlook, and Yahoo! Mail, build more robust filtering capabilities, email authentication will also become essential to the deliverability of legitimate messages.
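The following is an added illustration, not code from the article, Gartner, or Return Path. It shows how a receiving mail server combines SPF, DKIM, and a published DMARC policy into a single verdict, and why a monitoring-only policy (p=none) leaves a spoofed message deliverable while p=reject does not. The domain example.com, the DNS TXT records, and the per-message SPF/DKIM results are all constructed for the example; the organizational-domain logic is simplified to "last two labels" rather than the Public Suffix List a real receiver would use.

```python
"""Evaluate a message the way a DMARC-aware receiver does: SPF and DKIM each
vouch for a domain, and DMARC passes only when one of them passed *and* that
domain aligns with the visible From domain. Added example with constructed
data for the hypothetical domain example.com; not vendor code."""

# Constructed DNS TXT records for example.com with an enforcing DMARC policy.
DNS_TXT = {
    "example.com": "v=spf1 include:_spf.mailer.example.net -all",
    "_dmarc.example.com": "v=DMARC1; p=reject; adkim=r; aspf=r; "
                          "rua=mailto:dmarc-reports@example.com",
}

# The same domain with a monitoring-only policy: reports flow, nothing is blocked.
WEAK_DNS_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
}


def parse_dmarc(record):
    """Split a DMARC TXT record ('v=DMARC1; p=reject; ...') into a tag -> value dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def org_domain(domain):
    """Organizational domain. Simplification: the last two labels. Real receivers
    consult the Public Suffix List so that names like example.co.uk work."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain, from_domain, mode):
    """Identifier alignment: strict ('s') requires an exact match; relaxed ('r')
    accepts any subdomain of the same organizational domain."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if mode == "s" else org_domain(a) == org_domain(f)


def lookup_policy(from_domain, dns):
    """Find the DMARC record: the From domain itself first, then its organizational domain."""
    record = dns.get("_dmarc." + from_domain.lower())
    if record is None:
        record = dns.get("_dmarc." + org_domain(from_domain))
    return None if record is None else parse_dmarc(record)


def evaluate_dmarc(from_domain, spf_result, spf_domain, dkim_result, dkim_domain,
                   dns=DNS_TXT):
    """Return (dmarc_result, action) for one message.

    spf_domain is the envelope MAIL FROM domain that SPF checked; dkim_domain is
    the d= tag of the signature that verified. Results are 'pass' or anything else.
    """
    tags = lookup_policy(from_domain, dns)
    if tags is None:
        # No policy published: the receiver falls back to its own filtering heuristics.
        return "none", "none"
    spf_ok = spf_result == "pass" and aligned(spf_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(dkim_domain, from_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass", "none"
    # The subdomain policy 'sp' overrides 'p' when the From domain is a subdomain.
    policy = tags.get("p", "none")
    if from_domain.lower() != org_domain(from_domain) and "sp" in tags:
        policy = tags["sp"]
    return "fail", policy


if __name__ == "__main__":
    # Legitimate mail: SPF and DKIM both vouch for example.com itself.
    print(evaluate_dmarc("example.com", "pass", "example.com", "pass", "example.com"))
    # Spoofed From: SPF passes for an unrelated bulk sender, so it is not aligned.
    print(evaluate_dmarc("example.com", "pass", "bulk-sender.example.net", "none", ""))
    # Same spoof against the monitoring-only record: it fails, but nothing is rejected.
    print(evaluate_dmarc("example.com", "pass", "bulk-sender.example.net", "none", "",
                         dns=WEAK_DNS_TXT))
```

The second and third calls are the point of the example: the message fails DMARC either way, but only the p=reject record instructs the receiver to act on that failure. A domain that never moves past p=none has reporting, not protection.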

3. Monitor all brand mentions, including “look-alike” domain names.
While email authentication is critical to securing your owned domains, it does not provide total protection for your email channel. Attackers often spoof a brand in other ways, including manipulating the display name shown beside the sender address, using a "look-alike" domain that mimics the brand's sending domain, copying company branding, and more. To mitigate these brand spoofing risks, enterprises need to work with a partner to carefully monitor all mentions of their brand within the email channel and report any malicious URLs to their takedown vendor immediately.
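As an added example of the monitoring this recommendation describes (not code from the article or from any vendor), the script below screens sender domains observed in the email channel against a brand's owned domain and labels the common look-alike patterns: a different TLD, homoglyph and digit substitutions (including internationalized domain names in punycode form), single-character typos, and the brand name embedded in a longer label. The owned domain example.com and every candidate domain are constructed; the confusable-character table is a small hand-picked subset, and the "second-level label" shortcut stands in for the Public Suffix List a production system would use.

```python
"""Screen candidate sender domains against a brand's owned domain for
look-alike patterns. Added example with constructed data; not vendor code."""
import unicodedata

BRAND_DOMAIN = "example.com"   # constructed: the brand's owned sending domain

# Characters commonly substituted for Latin letters: a small subset of the
# Unicode confusables data plus digit and multi-character substitutions.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",  # Cyrillic
    "\u0455": "s", "\u0456": "i", "\u0445": "x", "\u0443": "y",
    "0": "o", "1": "l", "3": "e", "5": "s",
}
MULTI = {"rn": "m", "vv": "w", "cl": "d"}


def to_unicode(domain):
    """Decode punycode (xn--) labels so homoglyphs can be compared as a reader sees them."""
    try:
        return domain.encode("ascii").decode("idna")
    except (UnicodeError, ValueError):
        return domain  # already contains non-ASCII characters


def skeleton(label):
    """Reduce a label to what a reader perceives: strip accents, fold confusables."""
    s = unicodedata.normalize("NFKD", label.lower())
    s = "".join(CONFUSABLES.get(ch, ch) for ch in s if not unicodedata.combining(ch))
    for pair, single in MULTI.items():
        s = s.replace(pair, single)
    return s.replace("-", "")


def levenshtein(a, b):
    """Edit distance between two strings (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def second_level_label(domain):
    """Simplification: the label left of the TLD. Real code would use the Public Suffix List."""
    labels = domain.split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def classify(candidate, brand=BRAND_DOMAIN):
    """Label a sender domain: owned, tld-swap, homoglyph, typo, embedded, or unrelated."""
    cand = to_unicode(candidate.lower().rstrip("."))
    if cand == brand or cand.endswith("." + brand):
        return "owned"
    target = second_level_label(brand)
    label = second_level_label(cand)
    if label == target:
        return "tld-swap"                 # example.net, example.org, ...
    if skeleton(label) == target:
        return "homoglyph"                # examp1e, ex\u0430mple, exarnple, ...
    if levenshtein(label, target) <= 1:
        return "typo"                     # exmple, exampl, exemple, ...
    if target in skeleton(label):
        return "embedded"                 # example-login, secure-example, ...
    return "unrelated"


def screen(domains, brand=BRAND_DOMAIN):
    """Return [(domain, kind)] for every domain that warrants a look, in input order."""
    return [(d, classify(d, brand)) for d in domains
            if classify(d, brand) not in ("owned", "unrelated")]


if __name__ == "__main__":
    # Constructed sample of sender domains as they might appear in a monitoring feed.
    observed = ["example.com", "mail.example.com", "example.net", "examp1e.com",
                "ex\u0430mple.com", "exarnple.com", "exmple.com",
                "example-login.com", "unrelated.org"]
    for domain, kind in screen(observed):
        print(f"{domain:24} {kind}")
```

Each flagged domain is a candidate for the brand-mention monitoring and takedown process the recommendation describes; the classification only prioritizes review, and a human or a reputation feed still decides whether a given domain is actually hostile.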

Return Path was honored to be mentioned in this report as the only vendor to help companies address all three of these recommendations. Want to learn how we do it? Request a free demo of our Email Fraud Protection solution.
