Phishing Attacks Evade Traditional Security Defenses

Native security is no longer sufficient, requiring organizations to invest in a new approach, a Zero Trust model.

We talk a lot about the growing sophistication of the threat landscape and attack vectors. Part of that advancement is threat actors' ability to bypass security defenses that were built around the specific signatures and characteristics of traditional phishing attacks.

Dissecting the Success of Phishing Attacks

Phishing campaigns are successful for two key reasons: people and process. It is the combination of these two components of a phishing campaign that has led to the shortcomings of traditional security tools and measures.

People

The traditional characteristics of a phishing attack, such as grammar errors, misspellings, unfamiliar email addresses, and an unusual request, no longer exist. Today, a single lapse in judgment is enough for a user to fall victim to a phishing attack. Traditional security training does not give users the degree of awareness needed to spot a phishing campaign in the twenty-first century. Spoofed email addresses, brand impersonation, and browser updates all seem legitimate at first and second glance. Phishing attack cues are evolving.

Process

Today, the legitimacy of the channels through which phishing attacks occur makes bypassing traditional security defenses rather easy. Email, web browsers, and social media applications have complicated the security measures required to detect and respond to phishing attacks. Running a phishing campaign is simple enough for a novice, making it an easy attack vector for amateur threat actors to leverage. The technical knowledge necessary to deploy a phishing attack is minimal, and with entire phishing kits for sale at a low cost on the dark web, the sheer quantity of attacks continues to rise.

Traditional Defenses Are Not Enough

As explored above, the traditional approach to protecting against a phishing attack is unlikely to prove successful. It is the combination of convincing users that the correspondence is legitimate and being able to dodge traditional security measures that escalates the severity and success of phishing attacks in 2023. Instead, organizations need to invest in technical controls built for a sophisticated social engineering landscape.

Change in Approach

To protect against phishing attacks in 2023, activity needs to be judged on an instance-by-instance basis: every email link clicked, every Google Chrome update, and every URL visited needs to pass through its own filters. The zero-trust model is critical to minimizing the success of social engineering attacks. With this model, only proven safe activity should be trusted. In cybersecurity terms, this is similar to a whitelist approach. The issue with a whitelist approach is that employees still need to be able to complete their responsibilities with ease, without constantly bumping against the whitelist. As a result, a modified approach to filtering needs to be taken: recognized whitelist activity can continue as usual, while additional questioning and isolation are applied to new traffic. Beyond the additional security this approach provides, it also gives employees confidence and comfort that they are being cyber smart without having to second-guess every click on their company network.
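The per-instance decision described above can be sketched as follows. This is an added illustration, not Conceal's code: the allowlist entries, the sample URLs, and the names `decide`, `triage`, and `host_is_allowlisted` are all assumptions made for the example.

```python
from urllib.parse import urlsplit

# Constructed allowlist for illustration; these domains are placeholders.
ALLOWLIST = frozenset({"example.com", "intranet.example.org"})

ALLOW, ISOLATE = "allow", "isolate"


def host_is_allowlisted(host, allowlist=ALLOWLIST):
    """True only for an allowlisted domain or a subdomain of one.

    Matching is done on whole DNS labels, so 'example.com.evil.test' and
    'notexample.com' do not match 'example.com'.
    """
    host = host.rstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in allowlist)


def decide(url, allowlist=ALLOWLIST):
    """Judge one navigation on its own: allow proven-safe, isolate the rest."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # text before '@' is userinfo, not the host
    except ValueError:
        return ISOLATE  # unparseable input is never "proven safe"
    if parts.scheme not in ("http", "https") or not host:
        return ISOLATE
    return ALLOW if host_is_allowlisted(host, allowlist) else ISOLATE


def triage(urls, allowlist=ALLOWLIST):
    """Apply the per-instance decision to every URL in a batch."""
    return [(u, decide(u, allowlist)) for u in urls]


# Constructed sample navigations, including common lookalike shapes.
SAMPLE_URLS = [
    "https://mail.example.com/inbox",
    "https://example.com.evil.test/login",
    "https://example.com@evil.test/login",
    "https://notexample.com/",
    "https://ex\u0430mple.com/",  # Cyrillic 'a' homoglyph
    "ftp://example.com/file",
]

if __name__ == "__main__":
    for url, verdict in triage(SAMPLE_URLS):
        print(f"{verdict:8} {url}")
```

Only the first sample URL is allowed; every lookalike falls through to isolation because the comparison is made on the parsed hostname rather than on the raw URL string.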

Here at Conceal, our browser exists to bring this zero trust approach to life at the edge.  To find out how we can help you change your approach to address phishing and other social engineering attacks on the web, request a demo today.