In a recent SlashNext-sponsored Osterman Research whitepaper – Addressing the Key Cybersecurity Issues Organizations Face – it was found that the number one concern identified among IT decision makers was theft of user credentials as the result of a successful email-based phishing attack. And while email will certainly be the focus of many an IT security team, we believe that the real phishing security concern should be outside of the email inbox. We’ve blogged about this before but, focusing solely on email phishing protection will leave exposed a number of attack vectors that could prove disastrous.
The dictionary defines the term “blind spot” (in part) as follows: A subject about which a person is ignorant or prejudiced, or an occupation in which he or she is inefficient.
This gets back to that old adage, we only know what we know. And here’s what we know… The blind spot of network security and phishing threat protection is outside of the email inbox. There are targeted ads, pop-ups, social media scams, IM and chat applications, rogue browser extensions, and web-based “freeware” that are all part of today’s advanced phishing threats. In fact, there are 46,000 new phishing sites alone that go online each day, and most are live for just 4 to 8 hours.
A Krebs on Security blog last year – Look-Alike Domains and Visual Confusion – helped bring to light the sophistication of some of these blind spot phishing attack vectors. He shares some examples of how hackers are emulating trusted brands and domains to entice clicks but are clearly phishing scams. We see the rise of these phishing attack vectors reveal themselves everyday on our blacklist, and the concern for them in our 2018 Phishing Survey results is apparent.
Over half of respondents to the survey named the growing number of phishing attack vectors beyond email as a “Top 3” concern in terms of potential phishing threats. The other top concerns involved the growing sophistication and realism of spoofed sites, and the difficulties in training employees to spot these new types of phishing threats, with almost two-thirds (64 percent) of IT security pros citing shortfalls in employee awareness and training as their top concern for protecting workers against social engineering and phishing threats.
The blind spot for IT security professionals, however, happens in real-time. Time delayed threat feeds and employee education alone are not enough to stop today’s fast moving and sophisticated phishing threats. Simply put, many of today’s social engineering attacks do not target the device, the software, or even the network. They target their users. As noted in a recent Bloor Research report (Security Has Become a Human Problem), it’s the imperfect, fallible human that becomes the vulnerability to enterprise security. And with employees increasingly accessing the Web for everyday tasks, they are exposed to a far greater number of very convincing phishing threats than they used to, presenting IT security teams with a daunting challenge.
Protecting the Blind Spot Requires Real-Time Detection
SlashNext phishing site detection is cloud-powered and out-of-band, so it does not introduce any network latency. It’s real-time, with seamless integration to existing blocking defenses, and near-zero false positives making automated blocking feasible. Together with a simple 20-minute install and no tuning requirements, SlashNext real-time phishing site detection is immediate, non-disruptive, and effective.
Human fallibility and the blind spots in network security are no match for most cybersecurity protection because of latency. Real-time phishing detection is the only true solution in today’s threat landscape.