webinar: 10 steps you can take to protect your business from phishing attacks
TRANSCRIPT
©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. ©2016. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. This document and the contents therein are the sole property of CYREN and may not be transmitted or reproduced without CYREN’s express written permission.
10 Steps You Can Take To Protect Your Business From Phishing Attacks
Dan Maier, Sep 2016
43% of businesses have experienced a phishing attack in the past 12 months.
Source: Osterman Research, “IT Security at SMBs: 2016 Benchmarking Survey”
(Phishing is the top cyber-security threat in our 2016 IT Security Benchmark survey.)
(Chart of threat categories surveyed: phishing, malware, ransomware, breach, targeted.)
$2,300,000,000 lost by corporations to phishing attacks over the past 3 years.
(And the average loss per scam is between $25,000 and $75,000.)
Source: FBI Warns of Dramatic Increase in Business E-Mail Scams, April 2016
12% of recipients opened the phishing message and clicked the link.
(And the median time to open the malicious email was 1 minute, 40 seconds.)
Source: Verizon, 2016 Data Breach Investigations Report
Phishing attacks trick recipients into disclosing personal or financial information.
How?
• Spoofed emails
• Spoofed websites
• Plausible ‘stories’
Example Phishing Attack - Spoofed Email
Fake sender domain (not “[email protected]”)
Suspicious subject
Suspicious content
Bad grammar
Hovering over link reveals suspicious URL
Click the link…
Example Phishing Attack
A complex domain starting with “www.paypal.com” can fool unsophisticated users. The real domain is “endometriosegoiania.com.br”, definitely NOT a PayPal site.
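As an added example (not part of the CYREN deck), the check below shows why a hostname that begins with “www.paypal.com” can still belong to endometriosegoiania.com.br: it extracts the registrable domain and flags any protected brand that appears only in the subdomain labels. The brand list, the small public-suffix set and the sample URLs are assumptions constructed for this example.

```python
from urllib.parse import urlsplit

# Brands to watch for in hostnames. Assumed list for this example; the deck only names PayPal.
PROTECTED_BRANDS = {"paypal", "apple", "microsoft", "google"}

# Multi-label public suffixes so that "com.br" is treated as a suffix, not a domain.
# Assumption: a real deployment would load the full Public Suffix List instead.
MULTI_LABEL_SUFFIXES = {"com.br", "co.uk", "com.au", "co.jp", "co.za"}


def registrable_domain(host: str) -> str:
    """Return the part of the host its owner actually registered,
    e.g. 'endometriosegoiania.com.br' for 'www.paypal.com.endometriosegoiania.com.br'."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_url(url: str) -> dict:
    """Flag URLs whose hostname contains a protected brand as a label while the
    registrable domain belongs to someone else (the pattern shown on the slide)."""
    host = (urlsplit(url).hostname or "").lower()
    real = registrable_domain(host) if host else ""
    brands = {lbl for lbl in host.split(".") if lbl in PROTECTED_BRANDS}
    owner = real.split(".")[0]  # label directly below the public suffix
    return {
        "host": host,
        "registrable_domain": real,
        "brands_in_host": sorted(brands),
        # Brand present somewhere in the host, but the registered domain is not the brand's.
        "suspicious": bool(brands) and owner not in brands,
    }


if __name__ == "__main__":
    # Constructed samples in the shape described on the slide (not the deck's exact URL).
    samples = [
        "http://www.paypal.com.endometriosegoiania.com.br/webscr/login",  # flagged
        "https://www.paypal.com/signin",                                   # genuine
        "https://news.example.co.uk/paypal-fees",                          # brand only in path
    ]
    for url in samples:
        print(check_url(url))
```

The heuristic only catches the brand-in-subdomain pattern the slide describes; misspelled lookalike domains need a separate check.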
Most phished brands for Q2 2016
(Chart: Top 10 for Q2 2016)
• Financial sites
  • Potential for fraud/theft
• Online services
  • Attack platform
  • Same credentials
  • Harvest contacts
• Shopping websites
  • User information
Other types of phishing attacks
• Spear phishing
  • Phishing attempts directed at specific individuals or companies
  • Attackers may gather personal information about their target to increase their probability of success
  • Customized with recipient’s name, plausible context, professional
• Whaling
  • Phishing attacks directed specifically at senior executives and other high-profile targets within businesses
  • Personalized
  • Focused on a “critical” business matter
Why are phishing attacks so hard to stop?
Spoofing
Fake sites/emails difficult to distinguish from authentic.
Logos and branding easy to copy
Convincing domain names
Some sites even use HTTPS!
Human Nature
There are many ways to take advantage of a user’s trust.
Tempting offers and topical events
Creating a sense of urgency or panic
Impersonating friends or colleagues
No Compromise Needed
It’s not necessary to break into your computer system.
No malware required to scam someone
Traditional signature-based cyber security is no help
How does a phishing attack work?
1. Targeting: decide who to defraud, and assemble an email list
2. Weaponization: build spoofed email, optional spoofed website with data capture
3. Delivery: send out spoofed email to target email list (spam)
4. Deception: deceive the user into following the call to action to the next step
5. Click: the user clicks on the phishing site and attempts to load it in their browser
6. Disclosure: the user discloses credentials or financial data on spoofed website
7. Action on Objectives: phisher logs onto account, transfers money, uses stolen credit card, etc.
Median time to first click: 3 min, 45 sec
Sources: Verizon, 2016 Data Breach Investigations Report; Peterson, Step by step through the ‘Phishing Kill Chain’, SC Magazine, Oct 2014
Where’s the best place to STOP a phishing attack?
• Filter out email threats before they reach your users
• Provide employees with awareness training so they can identify threats
• Monitor and block web traffic trying to reach malicious sites
• Monitor and block exfiltration of financial data to remote hosts
10 steps you can take to stop phishing attacks
How to protect yourself
1. Be suspicious of urgent requests for information
2. Don’t email personal or financial information
3. Avoid clicking on links
4. Verify the validity of suspicious emails
5. Always check the web address
How to protect your business
6. Use an email security gateway
7. Train your users/security testing
8. Use a web security gateway
9. Use endpoint security
10. Check your security hygiene
Don’t be deceived. Multi-layered defense.
Questions and next steps
Free Online Web Security Diagnostic: self-service evaluation of your current web security infrastructure, http://www.cyren.com/securitytest
IP EXPO EUROPE: 5-6 October 2016, ExCel, London
itsa 2016: 18-20 October 2016, Nurnberg, Germany
Cyren - 100% cloud-delivered SaaS security
The world’s largest security cloud
600M+ users protected
17B+ daily transactions
130M+ daily threats blocked
(Map: data center and office locations)
THANK YOU