{"id":14175,"date":"2016-06-01T05:00:28","date_gmt":"2016-06-01T12:00:28","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=14175"},"modified":"2016-12-09T11:10:40","modified_gmt":"2016-12-09T19:10:40","slug":"reeling-in-those-pesky-phishing-attacks","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2016\/06\/reeling-in-those-pesky-phishing-attacks\/","title":{"rendered":"Reeling in Those Pesky Phishing Attacks"},"content":{"rendered":"<p>We often hear about cyberattacks consisting of exploits or malware meant to gain control of victim machines, and the term \u201cphishing\u201d has become more widely used and understood. Even my dad now knows what phishing is, not because I told him, but because of headlines in news publications like these:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.bbc.com\/news\/technology-36130407\" rel=\"nofollow,noopener\"  target=\"_blank\">BBC News<\/a><\/li>\n<li><a href=\"http:\/\/www.engadget.com\/2016\/05\/21\/milwaukee-bucks-fall-to-phishing-scam\/\" rel=\"nofollow,noopener\"  target=\"_blank\">Engadget<\/a><\/li>\n<li><a href=\"http:\/\/www.businesswire.com\/news\/home\/20160524006648\/en\/APWG-Report-Phishing-Attacks-Soar-Record-Making-Surge\" rel=\"nofollow,noopener\" >Business Wire<\/a><\/li>\n<li><a href=\"http:\/\/blog.aarp.org\/2016\/05\/13\/top-phishing-scams-on-social-media\/\" rel=\"nofollow,noopener\"  target=\"_blank\">AARP<\/a><\/li>\n<li><a href=\"http:\/\/abcnews.go.com\/Entertainment\/wireStory\/man-pleads-guilty-pennsylvania-celebrity-hacking-case-39341079\" rel=\"nofollow,noopener\"  target=\"_blank\">ABC News<\/a><\/li>\n<\/ul>\n<p>According to Verizon\u2019s recently released <a href=\"http:\/\/www.verizonenterprise.com\/verizon-insights-lab\/dbir\/2016\/\" rel=\"nofollow,noopener\"  target=\"_blank\">2016 Data Breach Investigations Report<\/a>, phishing attacks overwhelmingly aim to steal legitimate user credentials. Genuine credentials are valuable because they provide attackers with \u201cauthorized\u201d access, which is less likely to trip any alarms or alert administrators, which, in turn, means more time for attackers to do what they will.<\/p>\n<p><!--more--><\/p>\n<p>Verizon reported that around 1000 breaches in 2015 were the result of stolen credentials. If you\u2019re the attacker, why try to break in through the second story window when you\u2019ve got a key to the front door? And if you\u2019re the target, how do you stop attackers from using your own front door keys to break into your house?<\/p>\n<p>Verizon recommends a few things to stop credential phishing and limit attackers\u2019 movement, should they be able to bypass your network protections:<\/p>\n<ul>\n<li>Use an email gateway to inspect email content and filter out those pesky phishing emails. (We highly recommend <a href=\"https:\/\/www.proofpoint.com\/\" rel=\"nofollow,noopener\"  target=\"_blank\">Proofpoint<\/a> \u2013 keep reading to find out why!)<\/li>\n<li>Provide your users with a straightforward way to contact your security team should they suspect a phishing attempt.<\/li>\n<li>Require strong authentication \u2013 no one should be using default passwords or easily guessable passwords consisting of less than 12 characters \u2013 and when two-factor authentication is available, use it!<\/li>\n<li>Use internal network segmentation to limit how far attackers can get and make sure they cannot easily pivot to where the high-value stuff is kept.<\/li>\n<li>Inspect outbound traffic for signs that users have been compromised. Look for suspicious HTTP and DNS connections and file transfers \u2013 these are signs of command-and-control traffic and data exfiltration.<\/li>\n<\/ul>\n<p>Of course, being a security company, we always have phishing attacks top of mind as challenges to solve. We\u2019ve recently implemented new features within PAN-DB to help our customers fight the ongoing phishing battle using URL Filtering and WildFire.<\/p>\n<h3>Recognizing New Phishing Websites<\/h3>\n<p>WildFire now includes frequent updates to PAN-DB\u2019s phishing category in its generated set of protections. It actively looks for links to spoofed websites and web forms containing usernames and passwords that are intended for unapproved or unknown web applications. These quick categorizations enable our customers to block access to newly discovered phishing sites so your users don\u2019t get duped into giving away their credentials.<\/p>\n<h3>Better Together<\/h3>\n<p>In addition, we\u2019ve recently <a href=\"https:\/\/www.paloaltonetworks.com\/content\/dam\/pan\/en_US\/assets\/pdf\/technology-solutions-briefs\/proofpoint.pdf\" target=\"_blank\">partnered with Proofpoint<\/a> to help our joint customers better secure themselves against malicious emails, including phishing emails and emails with exploitive or malware attachments and malicious links. Armed with Proofpoint deployed for email, and a WildFire API key, customers can easily integrate Proofpoint\u2019s visibility into all pre-filtered incoming email with WildFire\u2019s thorough analysis engine to prevent attacks both at the email gateway <em>and <\/em>at the firewall \u2013 a double layer of protection against phishing.<\/p>\n<p>As Verizon has noted, 63 percent of confirmed data breaches involved leveraging weak, default or stolen passwords. This problem is not one that technology can fix by itself; real people are being targeted, and real people are necessary to overcome phishing attacks. User education \u2013 though not 100 percent effective against phishing attacks (some of these targeted emails are <em>insanely<\/em> well-crafted, guys) \u2013 can help to significantly decrease the attackers\u2019 success rates.<\/p>\n<p>Has your organization done anything unique in terms of people, process or technology to help tackle the phishing problem? And, of similar importance (not really), how many other phishing puns can you think of?<\/p>\n<p>Check out the\u00a0lightboard video below to learn more about phishing and how Palo Alto Networks helps to prevent it.<\/p>\n<p><div class=\"styleIt\" style=\"width:500px;height:281px;\"><lite-youtube videoid=\"ul6at9WR_6U\" ><\/lite-youtube><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We often hear about cyberattacks consisting of exploits or malware meant to gain control of victim machines, and the term \u201cphishing\u201d has become more widely used and understood. Even my dad now &hellip;<\/p>\n","protected":false},"author":40,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[155,108],"tags":[2022,745,208,1742,506,2019,69],"coauthors":[716],"class_list":["post-14175","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-2","category-threat-prevention-2","tag-2016-data-breach-investigations-report","tag-pan-db","tag-phishing","tag-proofpoint","tag-url-filtering","tag-verizon","tag-wildfire"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/14175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=14175"}],"version-history":[{"count":5,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/14175\/revisions"}],"predecessor-version":[{"id":14190,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/14175\/revisions\/14190"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=14175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=14175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=14175"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=14175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}