{"id":9073,"date":"2018-09-06T14:32:53","date_gmt":"2018-09-06T21:32:53","guid":{"rendered":"https:\/\/www.wowrack.com\/blog\/?p=1302"},"modified":"2024-01-15T18:51:25","modified_gmt":"2024-01-15T11:51:25","slug":"3-step-anti-phishing-strategy","status":"publish","type":"post","link":"https:\/\/www.wowrack.com\/en-us\/blog\/uncategorized\/3-step-anti-phishing-strategy\/","title":{"rendered":"3 Step Anti-Phishing Strategy"},"content":{"rendered":"

Phishing attacks are some of the most basic yet effective weapons used against organizations who do not have an anti-phishing strategy. \u00a0They often lure in their victims by appearing urgent or work-related in nature and, oftentimes, organizations do not have a proper defense to combat this growing threat.<\/span><\/p>\n

For this reason, it is important that your organization adapt a 3-part anti-phishing strategy so that your risks are reduced. \u00a0These three items include technical\/IT infrastructure controls, end-user controls and a flow to handle attacks in the future. <\/span><\/p>\n

STEP 1: Technical\/IT Infrastructure Controls<\/b><\/h2>\n

The first part of the equation is to make sure you have the proper top-level protections in place before any phishing travels down to the end-users. \u00a0This must be done on the server infrastructure level. Services such as <\/span>Hosted Email Security<\/span><\/a> gateways help with this and provide a host of other benefits that are essential for any company who cares about productivity and security.<\/span><\/p>\n

Companies can also consider two-factor authentication for publicly-facing pages that employees have access to. If a company is large enough, it is inevitable that an employee falls for a phishing attack. Two-factor authentication can help protect company assets in the event that this does happen.<\/span><\/p>\n

STEP 2: End User Controls<\/b><\/h2>\n

The next part to consider is user education and remediation. \u00a0For the threats that make it past the proactive measures in Step 1, your next layer of attack should be from employees themselves. \u00a0Employees should be trained on what to look for and have a thorough understanding of policies regarding how tasks are processed. For example, if ordinarily you receive reports or invoices in a certain manner, employees should be instructed to not open emails that do not fit that standard. <\/span><\/p>\n

Past the education process, some companies opt to bring in <\/span>email security experts<\/span><\/a> to do pen-testing and bait their employees to see who and how a user interacts with a potential phishing email. \u00a0These employees should not be punished but instead undergo further training.<\/span><\/p>\n

STEP 3: Establish a Flow<\/b><\/h2>\n

Once an email has been flagged as a phishing attack, it is important to take immediate action against it. \u00a0Establishing a flow on how to handle these attacks can ensure that the threat is eliminated and filtered in the future.<\/span><\/p>\n

A simple flow may include:<\/span><\/p>\n

    \n
  1. A process for easy reporting by employee to IT Team<\/span><\/li>\n
  2. Investigation by IT Team to see if it is an attack and performs a block<\/span><\/li>\n
  3. Adding email from IT team to Security Suite so that the Infrastructure controls can learn and improve <\/span><\/li>\n<\/ol>\n

    Wowrack\u2019s<\/span><\/a> team is available 24\/7 to assist your organization establish a plan and assist in all steps. \u00a0<\/span>Contact us today<\/span><\/a> for your no-obligation free consultation. <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

    Phishing attacks are some of the most basic yet effective weapons used against organizations who do not have an anti-phishing strategy. \u00a0They often lure in their victims by appearing urgent or work-related in nature and, oftentimes, organizations do not have a proper defense to combat this growing threat. For this reason, it is important that […]<\/p>\n","protected":false},"author":15,"featured_media":12592,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[11],"tags":[],"class_list":["post-9073","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","post-wrapper"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/posts\/9073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/comments?post=9073"}],"version-history":[{"count":0,"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/posts\/9073\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/media\/12592"}],"wp:attachment":[{"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/media?parent=9073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/categories?post=9073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wowrack.com\/en-us\/wp-json\/wp\/v2\/tags?post=9073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}