WHAT IS PHISHING?
Phishing is defined as “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, or to install malicious software a.k.a. Malware.” Phishing emails are also being used to attack systems for the purposes of encrypting their data and obtaining a ransom for the recovery of that data.
Like all network security schemes, successfully defending your network against phishing / malware attacks requires a multi-faceted approach. This approach breaks down into three areas: 1. Protection at the firewall level 2. Protection at the user device level 3. User training and testing.
USER DEVICE PROTECTION Because users may sometimes bring in malware via USB key or other method that does not go through the firewall, it is useful to have malware / phishing protection at the user device level. Sophos offers a very powerful anti-malware suite of products for PCs, laptops, and cellphones. This includes Intercept-X which includes their CryptoGuard program, which helps prevent the malicious spontaneous encryption of data by ransomware. If ransomware is discovered, CryptoGuard reverts your files back to their original state.
USER VULNERABILITY TESTING
We offer User Vulnerability Testing so that organizations can find out who needs additional training at the user level to prevent attacks. With this service we send out false “phishing” emails to each of your users and then report on who clicked the link, and or opened the attached file. These emails are carefully constructed to look just like an internal email from management or a similar “harmless looking” email from a customer or supplier. This service is available as a subscription service with quarterly tests at $12 per user per quarter, or on a onetime basis for $18 per user.
HOW TO SPOT A PHISHING EMAIL?
Every day countless phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so outlandish that they are obvious frauds, others can be a bit more convincing. So how do you tell the difference between a phishing message and a legitimate message? Unfortunately, there is no one single technique that works in every situation, but HERE are a number of things that you can look for in an email:
Phishing Testing & Training
© 1990-2018 Dominant Systems Corporation and others. All rights reserved.