Lateral Phishing Is on the Rise–Are Your Customers Protected?
noted above were employees at the same company as the compromised account, the other 60% were business associates or employees at different organizations.
Because the recipients already know and trust the sending account, the chance that the phish succeeds rises significantly. Attackers may send hundreds of additional phishing emails to other organizations to spread the attack. The pool of potential victims keeps growing, and so does the damage to the reputation of the organization whose account was compromised first.
Lateral Phishing Defense
As with other account takeover (ATO) attacks, there are several key strategies to follow to keep these phishing attacks from spreading.
First, make sure your customers' security awareness training content is up to date so that employees know what this newer type of attack looks like. These attacks are harder to spot because they come from a real, compromised mailbox rather than a fake or forged address. That means the usual advice to check sender properties or email headers for spoofing won't be of much help: SPF, DKIM and DMARC checks pass, because the message genuinely was sent from that account.
Individuals also need to think more critically about the emails they receive. Would the person sending that email really ask for this information, or send this link? If an email seems uncharacteristic of the sender, they should verify it through another channel, such as a phone call to a number they already have (not one supplied in the email) or an in-person check, where possible.
Second, employ advanced threat detection techniques and services that leverage artificial intelligence (AI) and machine learning (ML) to identify lateral phishing emails without relying on users’ detection skills alone.
Humans are fallible, sometimes gullible, and usually busy, often too busy to give every message the scrutiny it deserves. AI-based solutions can identify these attacks even when the message comes from a legitimate account, by analyzing the sender's email usage patterns (who they normally write to, when, and which sites they link to) and other indicators that would be too hard for a user to spot.
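To make the "sender usage pattern" idea concrete, here is an added example (not Barracuda's product and not code from the original post): it builds a per-sender baseline from a mailbox's own sent history and then gives a new outbound message a rule-based anomaly score. The message history, the field names (`from`, `to`, `ts`, `subject`, `urls`), the indicator weights, the lure wordlist and the flag threshold are all constructed assumptions for illustration; a production detector trains a model over far more signals. The suspicious sample reproduces the pattern the post describes: one compromised account suddenly mailing its whole contact list, plus new organizations, with a credential-harvesting link.

```python
# Added illustrative example: sender-baseline anomaly scoring for lateral
# phishing. Data, weights and threshold are assumptions, not vendor logic.
import re
from datetime import datetime
from urllib.parse import urlparse

# Constructed sent history for one account: a handful of working-hours
# messages to colleagues and one known partner, links only to the intranet.
HISTORY = [
    {"from": "alice@example.com", "to": ["bob@example.com"], "ts": "2024-03-04T09:15:00",
     "subject": "Q1 planning notes", "urls": []},
    {"from": "alice@example.com", "to": ["bob@example.com", "carol@example.com"],
     "ts": "2024-03-04T14:02:00", "subject": "Re: budget sheet",
     "urls": ["https://intranet.example.com/finance/q1.xlsx"]},
    {"from": "alice@example.com", "to": ["dan@partner.org"], "ts": "2024-03-05T10:40:00",
     "subject": "Contract draft", "urls": []},
    {"from": "alice@example.com", "to": ["carol@example.com"], "ts": "2024-03-06T16:20:00",
     "subject": "Lunch?", "urls": []},
    {"from": "alice@example.com", "to": ["bob@example.com"], "ts": "2024-03-07T11:05:00",
     "subject": "Re: Q1 planning notes", "urls": ["https://intranet.example.com/wiki/planning"]},
]

# A routine follow-up (constructed) and a lateral-phishing blast (constructed).
NORMAL_MESSAGE = {"from": "alice@example.com", "to": ["bob@example.com"],
                  "ts": "2024-03-08T10:30:00", "subject": "Re: Contract draft", "urls": []}
SUSPICIOUS_MESSAGE = {
    "from": "alice@example.com",
    "to": ["bob@example.com", "carol@example.com", "dan@partner.org",
           "erin@partner.org", "frank@vendor.net", "grace@client.io"],
    "ts": "2024-03-09T02:47:00",  # Saturday, 02:47
    "subject": "Alice shared a document with you - please verify your account",
    "urls": ["https://login-example-com.sharedocs.xyz/auth"],
}

# Assumed lure wording; a real list would be much longer and locale-aware.
LURE_PATTERNS = re.compile(r"verify|password|shared a document|action required|sign in|urgent",
                           re.IGNORECASE)
FLAG_THRESHOLD = 4  # assumed cut-off; tune against real traffic


def domain_of(address):
    return address.rsplit("@", 1)[-1].lower()


def build_baseline(messages):
    """Summarise each sender's normal behaviour from its past messages."""
    baseline = {}
    for msg in messages:
        b = baseline.setdefault(msg["from"], {"recipients": set(), "recipient_domains": set(),
                                              "link_domains": set(), "hours": set(), "max_fanout": 0})
        b["recipients"].update(r.lower() for r in msg["to"])
        b["recipient_domains"].update(domain_of(r) for r in msg["to"])
        b["link_domains"].update(urlparse(u).hostname for u in msg["urls"])
        b["hours"].add(datetime.fromisoformat(msg["ts"]).hour)
        b["max_fanout"] = max(b["max_fanout"], len(msg["to"]))
    return baseline


def score_message(baseline, msg):
    """Score one new message against its sender's baseline.

    Returns {"score", "flagged", "reasons"}. A sender with no history cannot
    be judged, so that case is reported rather than silently passed."""
    b = baseline.get(msg["from"])
    if b is None:
        return {"score": 0, "flagged": False, "reasons": ["no baseline for sender"]}
    score, reasons = 0, []
    recipients = [r.lower() for r in msg["to"]]

    # 1. Fan-out: a lateral phish blasts the whole contact list at once.
    if len(recipients) > 2 * b["max_fanout"]:
        score += 2
        reasons.append(f"fan-out {len(recipients)} vs baseline max {b['max_fanout']}")
    # 2. Mostly people this account has never written to.
    new_rcpts = [r for r in recipients if r not in b["recipients"]]
    if recipients and len(new_rcpts) / len(recipients) >= 0.5:
        score += 1
        reasons.append(f"{len(new_rcpts)} of {len(recipients)} recipients never seen")
    # 3. Whole organizations this account has never contacted (attack spreading).
    new_domains = sorted({domain_of(r) for r in recipients} - b["recipient_domains"])
    if new_domains:
        score += 1
        reasons.append("new recipient domains: " + ", ".join(new_domains))
    # 4. A link to a host the sender has never linked to before (the lure).
    new_links = sorted({urlparse(u).hostname for u in msg["urls"]} - b["link_domains"])
    if new_links:
        score += 2
        reasons.append("unseen link domains: " + ", ".join(new_links))
    # 5. Sent at an hour this account has never sent at.
    hour = datetime.fromisoformat(msg["ts"]).hour
    if hour not in b["hours"]:
        score += 1
        reasons.append(f"unusual send hour {hour:02d}")
    # 6. Credential-lure wording in the subject.
    if LURE_PATTERNS.search(msg["subject"]):
        score += 1
        reasons.append("lure wording in subject")
    return {"score": score, "flagged": score >= FLAG_THRESHOLD, "reasons": reasons}


if __name__ == "__main__":
    base = build_baseline(HISTORY)
    for m in (NORMAL_MESSAGE, SUSPICIOUS_MESSAGE):
        print(score_message(base, m))
```

Note that none of the six indicators looks at whether the sender address is genuine; it is. Every signal is a deviation from what this particular account normally does, which is exactly what a recipient cannot see and a header check cannot reveal. The unscored "no baseline" result is deliberate: a brand-new or rarely used mailbox needs a different policy (for example, stricter link rewriting) rather than a false sense of safety.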
Finally, organizations must use strong two-factor authentication (2FA) to reduce the risk of lateral phishing, because it limits what an attacker can do with a stolen password alone. This may be an authenticator app or a hardware-based token. App-based codes and push prompts can still be phished or relayed in real time by some schemes, but they remain a bulwark against an attacker logging in with harvested credentials; hardware security keys that bind the login to the genuine site (FIDO2/WebAuthn) resist phishing outright.
Nathan Bradbury is Manager of Systems Engineering for Barracuda MSP, a provider of security and data protection solutions for managed services providers.
This guest blog is part of a Channel Futures sponsorship.