White Papers

*PHISH Isn’t Spam – But It Is More Dangerous!

Facts You Should Know

More than 500 million phishing emails show up in our inboxes every day. While this number pales in comparison to spam, which accounts for almost 70% of all email traffic, spam is mainly a nuisance, whereas phishing can lead to costly security breaches.

Phishing attacks, which use highly targeted emails to induce users to divulge passwords or use malware, have resulted in direct financial losses of several billion dollars per year in the US alone. This is just the tip of the iceberg, as more targeted ‘spear phishing’ attacks can lead to potentially devastating security breaches, loss of sensitive data, and significant financial losses.

Most anti-spam and antivirus vendors have repurposed their filters to also catch phishing emails. They rely primarily on blacklists of malicious URL’s, which typically are manually vetted to minimize the number of legitimate sites flagged. But these lists are always a step behind the bad guys, lagging by at least several hours and sometimes days. During that time, spam filters fail to detect many phishing emails, and browsers, which also rely on these same blacklists, do not flag many of the malicious websites to which phishing victims are directed.

This lag can be a serious problem because studies have shown that during work hours, half of users who fall for phishing attacks read their email within two hours of the time it reaches their inbox. Ninety percent read their email within eight hours of receiving it. In other words, a lag in updating blacklists by just a few hours can be devastating.
“Reply to” phishing emails with no attachments and no links are another type of phishing attack that anti-spam and antivirus filters often do not detect. This is due in part to filters’ use of simple “bag of words” techniques that look for emails containing words that typically indicate spam, such as “Viagra,” “cash,” and “you have won.” This technique works well at catching spam but does not effectively differentiate phishing from legitimate emails, since many phishing emails are drafted to look like legitimate ones.

Even with phishing, not all emails are created equal. People are least likely to fall for high-volume phishing campaigns claiming to come from well-established organizations such as large banks and the IRS. Targeted spear phishing messages directed at small groups, such as employees of a particular department or even individuals, tend to be more effective at fooling recipients. These campaigns have been used to initiate many of the high-profile security breaches in the past couple of years, as well as low-profile attacks on smaller organizations.

To find out what solution is best for you and your budget contact a Wilson Technology Group representative at: 352-796-9891 or info@wilsontechgroup.com. You can also find more information on PHISHING by going to our website at: www.wilsontechgroup.com or: http://wilsontechgroup.com/phishing-avoid-becoming-a-victim.

*Taken (in part) from Information Week (6/25/12)

Custom Computers: Onsite & Remote Support; Virus & Spyware Removal; Data Recovery; Repair & Installation / Managed Network Services / Wired & Wireless Networks / Business Telephone Systems / VOIP / Closed Circuit Television Security Cameras / Structured Cabling / Consulting, Design & Management / Sound & Paging Systems / Access Control

Leave a Reply

You must be logged in to post a comment.

Contact Us:

Wilson Technology Group, Inc.
24332 Dorsey Smith Rd.
Brooksville, FL 34601 USA
Phone: 352-796-9891
GPS 28.534212, -82.331537

Serving:

We provide sales and repair of computers, networks, phones, and security cameras in Citrus, Hernando, Hillsborough, Lake, Levy, Marion, Pasco, Pinnelas, Polk, and Sumter Counties