
Yes, you can train users not to click on phishing email

Stu Sjouwerman, KnowBe4

16 Feb 2016 - Education remains the best defense against phishing attacks.

In its most recent white paper, The Phishing Breakthrough Point, KnowBe4 had Lydia Kostopoulos, a professor at Khalifa University, run a six-month scientific study.

“We sent five people phishing emails to see if there was a breakthrough point at which people actually recognize a phish,” said KnowBe4 founder and CEO Stu Sjouwerman. “You train them, and continue to phish them. The numbers are interesting: at first 15% of users are phish prone, and then it drops to 1-2%. This is independently verified.”

Exploited WordPress sites are used to disseminate malware. As a popular website platform, especially amongst non-technical users, WordPress is often not well defended. Its popularity and its frequently poor defenses together make WordPress sites attractive targets.

Sometimes visitors to compromised WordPress sites are redirected to pages hosting exploit kits, which deliver payloads such as TeslaCrypt ransomware.

[Note: while we are against the death penalty at Securbuzz, our convictions waver when some criminal sullies the name of arguably the greatest scientific inventor of the 20th century.]

In furtherance of its mission to educate users about the prevalence of phishing, KnowBe4 has released a tool that administrators can download and deploy in their environments.

It gives users a button on their Outlook ribbon. If they see a phishy message, they click that button. It deletes the suspect email from their inbox and sends it to the Incident Response (IR) team for examination. In small organizations that’s the IT guy.

Through this alert button (users can choose to send KnowBe4 copies of what they report), a new type of phish was discovered:

• You get an email with an attachment.
• There is no bad link.
• The text is a social engineering attack to lure you into opening the attachment.
• In the attachment is nothing malicious.
• There’s a picture of an invoice, and a link you have to click to see the invoice.
• The attachment is a second social engineering attack.
• The link goes to a legitimate website, which has been compromised and also isn’t on any blacklist yet that any filter would catch.

“So this slips through every filter, because none of it is malicious,” said Sjouwerman. “No spam filter, no email, no proxy server will catch this. That’s what we get back from the phish alert button. You can’t catch it… the only thing you can do is train your users.”
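Nothing in the lure is malicious on its own, so gateway filters pass it, but once a user presses the alert button the IR team has the whole message to work with. The following is an added example, not KnowBe4's code or the tool described above. It assumes the alert button forwards the reported mail to IR as a message/rfc822 attachment (so the original headers survive), that the attachment is a .docx, and that the sample lure, the vendor and IR addresses and the compromised-site URL are constructed placeholders. It unwraps the report and flags the two-stage pattern from the list above: an attachment with almost no text, a picture, and an external link to a host that is not the sender's domain.

```python
"""IR triage of a reported two-stage "invoice" lure (added example, not KnowBe4's code)."""
import io
import zipfile
import xml.etree.ElementTree as ET
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser
from email.utils import parseaddr
from urllib.parse import urlparse

W_NS = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
R_NS = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
PKG_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
HYPERLINK_REL = R_NS + "/hyperlink"
IMAGE_REL = R_NS + "/image"
TEXT_THRESHOLD = 40  # assumption: fewer visible characters than this counts as "no real text"
LURE_URL = "https://compromised-site.example/invoice/view"  # constructed placeholder host


def build_sample_docx(extra_text: str = "") -> bytes:
    """Build a minimal .docx in memory: one picture, one 'View invoice' link, optional body text."""
    body = f"<w:p><w:r><w:t>{extra_text}</w:t></w:r></w:p>" if extra_text else ""
    document_xml = f"""<?xml version="1.0" encoding="UTF-8"?>
<w:document xmlns:w="{W_NS}" xmlns:r="{R_NS}"
            xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main">
  <w:body>
    <w:p><w:r><w:drawing><a:blip r:embed="rId1"/></w:drawing></w:r></w:p>
    <w:p><w:hyperlink r:id="rId2"><w:r><w:t>View invoice</w:t></w:r></w:hyperlink></w:p>
    {body}
  </w:body>
</w:document>"""
    rels_xml = f"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="{PKG_NS}">
  <Relationship Id="rId1" Type="{IMAGE_REL}" Target="media/image1.png"/>
  <Relationship Id="rId2" Type="{HYPERLINK_REL}" Target="{LURE_URL}" TargetMode="External"/>
</Relationships>"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("word/document.xml", document_xml)
        z.writestr("word/_rels/document.xml.rels", rels_xml)
        z.writestr("word/media/image1.png", b"\x89PNG\r\n\x1a\n" + bytes(64))  # stand-in image bytes
    return buf.getvalue()


def build_reported_message() -> bytes:
    """Constructed sample: the lure as received, wrapped the way an alert button forwards it to IR."""
    lure = EmailMessage()
    lure["From"] = "Accounts Payable <accounts@vendor.example>"
    lure["To"] = "user@corp.example"
    lure["Subject"] = "Invoice 4471 overdue"
    lure.set_content("Hi,\nThe attached invoice is 30 days overdue. Please open it and confirm payment.\n")
    lure.add_attachment(build_sample_docx(), maintype="application",
                        subtype="vnd.openxmlformats-officedocument.wordprocessingml.document",
                        filename="Invoice_4471.docx")
    report = EmailMessage()
    report["From"] = "user@corp.example"
    report["To"] = "phish-alert@corp.example"
    report["Subject"] = "Phish Alert: " + lure["Subject"]
    report.set_content("Reported via the alert button.")
    report.add_attachment(lure)  # message/rfc822: the original headers stay intact for IR
    return report.as_bytes()


def analyze_docx(data: bytes) -> dict:
    """Count visible text, embedded images and external hyperlink targets in a .docx."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        doc = ET.fromstring(z.read("word/document.xml"))
        rels = ET.fromstring(z.read("word/_rels/document.xml.rels"))
    text = "".join(t.text or "" for t in doc.iter(f"{{{W_NS}}}t"))
    images, links = 0, []
    for rel in rels.iter(f"{{{PKG_NS}}}Relationship"):
        if rel.get("Type") == IMAGE_REL:
            images += 1
        elif rel.get("Type") == HYPERLINK_REL and rel.get("TargetMode") == "External":
            links.append(rel.get("Target"))
    return {"text_chars": len(text.strip()), "images": images, "external_links": links}


def _offsite(url: str, sender_domain: str) -> bool:
    host = (urlparse(url).hostname or "").lower()
    return bool(host) and host != sender_domain and not host.endswith("." + sender_domain)


def is_invoice_lure(findings: dict, sender_domain: str) -> bool:
    """The pattern from the article: almost no text, a picture, and a link off to some other site."""
    if findings["text_chars"] >= TEXT_THRESHOLD or findings["images"] == 0:
        return False
    return any(_offsite(u, sender_domain) for u in findings["external_links"])


def triage_report(raw: bytes) -> dict:
    """Unwrap the report, pull the original lure out of it, and score each .docx attachment."""
    report = BytesParser(policy=policy.default).parsebytes(raw)
    original = next(p.get_content() for p in report.iter_attachments()
                    if p.get_content_type() == "message/rfc822")
    sender_domain = parseaddr(str(original["From"]))[1].rpartition("@")[2].lower()
    results = []
    for part in original.iter_attachments():
        if part.get_filename("").lower().endswith(".docx"):
            findings = analyze_docx(part.get_content())
            findings["filename"] = part.get_filename()
            findings["suspicious"] = is_invoice_lure(findings, sender_domain)
            results.append(findings)
    return {"sender_domain": sender_domain, "attachments": results}


if __name__ == "__main__":
    print(triage_report(build_reported_message()))
```

The heuristic is deliberately narrow: it does not try to judge the linked site (which, as the article notes, is a legitimate and not-yet-blacklisted host), only the shape of the attachment, which is what makes this lure different from an invoice that actually contains an invoice. The link targets it extracts are the artefact IR would hand to whoever blocks URLs at the proxy.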