Post HeartBleed, are Phishers & Scammers Winning? Anti phishing

Posted by Geraldine Hunt on Tue, Apr 15th, 2014

With all the recent disquiet surrounding the HeartBleed vulnerability users need to be on alert for potential phishing attacks. Many companies were advising users to reset passwords especially those used for sensitive websites. Because of the level of interest in HeartBleed, scammers are piggybacking on this with phishing attacks camouflaged as password reset notifications.

Piggybacking on popular or newsworthy events is a common technique for cyber-criminals. Naturally people are eager to protect themselves from any vulnerability and this fear of exposure can mean their routine precautions and best practises around email handling are lessened. Many organisations have already patched their systems and are proactively reaching out to customers to advise them how to proceed.

Other phishing scams are likely to emerge include hoax services offering to help with system checks to see if you’re vulnerable or promise to clean up any issues. If using a service like this, before giving any information make sure it’s a legitimate service.

Clear policies as well as user education and awareness

Clear policies along with improvements in user education and awareness are top recommendations as the best way to beat phishing in all its forms. To safeguard customers from phishing attacks, SpamTitan uses a multi-layered approach. It includes new malware detection mechanisms as well as a large set of phishing signatures, support for SURBLs (Spam URL Realtime Blocklists) and heuristic rule tests.

Spam will abound around holiday times and major events

Trending topics like HeartBleed are nirvana for spammers. Spammers are using the old trick of piggybacking news headlines to increase traffic volume to their websites. By grabbing headlines from news channels the spammers randomize spam  in a bid to increase traffic to their websites.

The people interested in the trending topics are the intended targets; the enormous levels of interest from people going online around the world give scammers plenty of new potential victims. According to the FBI, worldwide cybercriminals earn over $100 billion per year through their increasingly sophisticated cyber-attacks.

Block Spam before it reaches the network using a gateway solution

Spam is a problem for most businesses; if it reachs users’ mailboxes it results in lost productivity as time is wasted dealing with it, and it can contain viruses that can infect the entire company network and do untold damage. SpamTitan blocks the spam before it ever reaches the users and uses two anti-virus engines, Kaspersky and ClamAV, to scan messages for malicious code.