1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IDG Contributor Network: The best free weapon to fight phishing fraud

Discussion in 'CSO' started by RSS, Jun 22, 2016.

  1. RSS

    RSS New Member Member

    As the saying goes the best things in life are free. Security professionals spend significant amounts of time on anti-phish training and many have paid anti-phishing simulation campaigns to maintain that ongoing training effort. However every organization has one very important weapon in their fight against phishing fraud. One very important and very cost effective, as in free, weapon!

    I discovered this weapon when other staff members in the organization forwarded phish emails into the information security office. The quality of the phish emails was very good. No spelling mistakes and excellent grammar. The wire instructions in the Business email compromise (BEC) phish emails were well laid out. The email had all the hallmarks of a professional spear phish. Yet my people were catching these phish emails very easily. The folks catching the phish and forwarding to me were not computer geeks but regular office staff with average skills in computing and security awareness. How were these folks able to spot these sophisticated spear phish and regular phish attacks?

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page