6 Tips to Grow Your MSP in 2023Trevagh Stankard
MSPs must stay up to date with the latest threat detection and cybersecurity measure in order to stay competitive. Discover ways MSPs can grow their business in a competitive market.
The number of phishing websites detected reached an all-time high earlier this year, a sign that launching phishing attacks is still lucrative for cybercriminals. In its recent report the Anti-Phishing Working Group (APWG) said 56,859 phishing sites were detected in February, this beat the previous record from August 2009 by nearly 1 percent.
The Anti-Phishing Working Group (APWG) is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that result from phishing, malware and email spoofing of all types. In its report the APWG noted that the increase in the number of phishing websites was partly due to new technology it employed earlier this year to detect fraudulent sites.
Phishing sites are websites that look nearly identical to the legitimate ones, Cybercriminals are pushing out fake web sites branded as well known companys like eBay, Amazon, banks, and other financial companies to the tune of tens of thousands every week. Oftentimes these sites mimic the well known brands very well and therefore leverage the trust users have in the legitimate companies. The new report showed the US hosted the most fake sites. With almost 50% of the phishing sites for the first quarter of 2012 using a know brand name in their URL, this is a well know trick often used by phishers.
On the bright side, though, phishing sites are being taken down faster than ever, one of the reasons is the ever increasing sophistication of email and web security solutions. In a SpamTitan survey from earlier this year 70% of companies reported incurring financial losses through not reporting spear phishing incidents to their IT department. The results showed that 70% of companies that believe their organisation have been a victim of a spear phishing attack are unsure that such attacks are reported to I.T. and dealt with appropriately. The lack of proactive measures to deal with the attacks can cost companies financially through the loss of data and system downtime. Spear phishing is a growing issue where a targeted false email that appears to be legitimate is sent to individuals or a company in order to access data.
These findings highlight the importance of a company security policy and the importance of communicating this policy effectively so that all employees know how to deal with the myriad of security issues they are regularly faced with. This includes what actions to take if they receive a suspicious and unsolicited email, what to do if they receive an email requesting information but the sender is not known to them, what internet activity can they reasonably pursue within company policy, if their role requires them to access a site that is blocked company wide how do they request access?
Most people are now aware of various prevalent banking phishing scams or similar, spear phishing is another advanced attempt at a breach of security that appears legitimate and should therefore be highlighted even more as it is a much more sophisticated form of phishing. Educating employees around a range of security issues is an important step but crucially the most important step a company can take is to put in place robust and powerful security solutions. This doesn’t mean that companies can afford to ignore the ‘softer’ behavioural issues associated with security, it only takes one employee to open the wrong email to give access to sensitive company data bring a whole company’s IT systems to a halt.
German cybersecurity authority, BSI along with the FBI and Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings to companies to be extra alert over the approaching holiday season for...
At the heart of most attacks is a phishing campaign. Most of the biggest data breaches started with a phishing email. Take a look at the latest phishing attack examples.
Sign-up for email updates...