Subscribe
|

Are Phishing Attacks Getting Smarter?

“The Google attack really showed that just authenticating the sender is not enough.”

Photo of a person blocking scam emails on a computer
Photo by Tippapatt via iStock

Sign up to get cutting-edge insights and deep dives into innovation and technology trends impacting CIOs and IT leaders.

Nat Rubio-Licht The Daily Upside

Nat Rubio-Licht

Phishing attacks are using better bait. 

Last week, attackers were able to send emails to recipients that appeared to be from Google’s systems, leading the victims to a fraudulent page that collected login information. The hacker was able to send messages that appeared to be from a “no-reply@google.com” email address, passing authentication and verification checks. 

The incident highlights the growing sophistication of phishing attacks, which are benefiting from an expanding arsenal of AI tools to make them appear even more legitimate, said Jan Miller, CTO of Threat Analysis at OPSWAT. The shift to cloud has also given hackers a larger surface area of attack, he said. 

“The Google attack really showed that just authenticating the sender is not enough,” said Miller. “You need to really inspect the content as well.” 

With the growing sophistication of such attacks, how can enterprises avoid falling victim? There are a few useful tactics, said Miller:

  • One is “sandboxing,” or a security practice that allows for the examination of suspicious content without the risk, Miller said. This could look like image or text analysis to catch details in the content of a phishing email that may otherwise be missed. “In addition to the authentication, you also need dynamic analysis and content inspection.” 
  • Another is applying the principles of “zero trust,” he said. As the name implies, this security framework relies on never trusting any user, device or application, and requiring constant verification. 
  • For example, OPSWAT will “sanitize” URLs that it comes across to redirect to a cloud service, where AI analysis is performed to ensure the integrity of a link. 

“While the sophistication of the phishing attack is becoming multi-step, these model analysis pipelines are becoming more sophisticated as well to counter that,” said Miller. “It’s kind of like a battle of technologies.” 

At a certain point, however, there’s bound to be someone in your organization who clicks the wrong link, said Miller. It’s important to have the proper protocols in place before such events. 

That means limiting data access to only what each employee needs, having an incident response plan in place, and performing “dry runs” of security procedures, said Miller. Even things as simple as multi-factor authentication and VPNs can serve as lines of defense. “The least-privileged approach is key,” he said.

Smart, actionable news trusted by millions.

Our flagship newsletter delivers smart news and analysis on finance, and investing — all for free

Recent News

Sign Up for CIO Upside to Unlock This Article
Cutting-edge insights into technology trends impacting CIOs and IT leaders.