We teach kids early to go fish. And then they grow up and the word takes on a whole new meaning to us as cybersecurity professionals. But it’s still a game right? Only the stakes are higher and the players are typically older than 5.
Phishing 101
Phishing is the attempt to deliver malware to a victim or to obtain sensitive information such as usernames, passwords and banking and credit card details, often for malicious purposes. Phishers usually masquerade as a trustworthy entity in an electronic communication. That’s probably why it accounts for 90% (that’s not a typo) of data breaches.
The best places to phish
- SMBs account for the majority of phishing traffic.
- SLED, Financial Services and Healthcare at most targeted industries
- The majority of phishing activity is targeted at N. American corporations
What do we see in the sea
How Cisco Umbrella blocks phishing
Cisco Umbrella’s phishing category leverages indicators derived from multiple sources including lexical clustering of domains, natural language processing model (identification of homograph domains) and the spike rank model, which detects sudden spikes of traffic to particular domains. In addition, our newly seen domain category is a highly effective indicator of phishing. We also leverage community resources such as phish tank feeds.
Compared to other common threat types, phishing is often a more reactive threat. Our industry-renowned researchers are constantly finding new ways to uncover fingerprints that attackers leave behind and actively searching for new phishing domains and IPs to deliver stronger protection. When phishing is detected, Cisco Umbrella will block at the IP and domain level as well as analyze risky domains in the Intelligent Proxy.
To catch a phish
It takes three key things to effectively catch a phish: unparalleled threat intelligence: data, security researchers, and statistical and machine learning models that scour the seas for malicious activity. Members of the Cisco Umbrella research team recently shared some tricks and tips, along with their most recent phishing finds over the past three months Catch of the day, check it out here: Today’s Catch Phishing Round-up 1 and Today’s Catch Phishing Round up 2.
Get protected
Umbrella resolves over 180 billion DNS requests daily, far more than any other security vendor, giving our researchers a unique view of the internet to better identify trends on threats, faster. In addition, our industry renowned researchers are constantly finding new ways to uncover fingerprints that attackers leave behind and building new statistical and machine learning models to automatically classify our massive amounts of data.
Combine the power of Umbrella with Cisco Email Security for the best defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection.Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security.
Click with caution: Phishing tips to protect you
- Avoid strangers, check name and email address
- Don’t rush, be suspicious of emails marked “urgent”
- Notice mistakes in spelling and grammar
- Beware of generic greetings, “dear sir/ma’am”
- Don’t be lured by incredible “deals”
- Hover over the link before you click to ensure it has a secure URL (https://)
- Never give out personal or financial information based on an email request
- Don’t trust links or attachments in unsolicited emails
Bottom line:
It only takes one wrong click for cyber-criminals to access your company’s data. So think before you click. OR minimize the risk with Cisco Umbrella and Cisco Email Security – eliminating the risk and stopping an attack before it happens.
