It should not be a surprise, but 95 percent of breaches come through phishing attacks. Nothing more than a simple lure email lands in one of your users inboxes, they click it, and everything unravels from there.
In January we released an in-depth technical white paper that pulls apart the Qadars Banking Trojan, a threat that targets financial institutions, POS systems, and even popular online gaming sites.
There was a great deal of information, including just how much effort our R.A.I.D. team had to put into reverse-engineer the malware, which is why we wanted to further highlight exactly why this trojan is such a threat.
During our webinar focused on the Qadars Banking Trojan there was a great deal of analysis provided on just how evasive the threat is. This begs the question, how does your team handle malware analysis?
You wake up, wipe the sleep away from your eyes, among the first things you do is to reach over and grab your phone. Your work day hasn’t officially begun, but you’re already looking through your emails. The night before? A similar process, but in reverse. According to a Good Technology survey, 68 percent of professionals check their work email before 8 am and another 50 percent check it while in bed. It doesn’t end there though, as 38 percent commonly break from the dinner table to look through their work emails, too.
When your employees and team report suspicious emails, it’s an indicator that the security awareness training in place is having a positive effect.
Regardless of the email being spam or legitimate, just a single thwarted attack can make the difference between a slight headache or irreparable financial damage. However, this process is a two-way street, and timely analysis of said reported email is important for several reasons, especially for risk mitigation and improving training effectiveness.
To drive home how important the timely analysis of reported emails is we spoke to our Founder and CTO, John LaCour.
Topics: Threat Monitor
You receive an email, you are unfamiliar with the sender’s name or email address, and they are offering you a new service or deal on something. Is it malicious? Not necessarily. Perhaps you forgot about signing up for a newsletter a while back.
In anticipation of our previous threat monitoring and forensics webinar we asked the Twitterverse what happens after they report a suspicious email. Does it fall into a black hole? Does IT check it out to mitigate potential impact? The results are in, and interestingly a majority of polled respondents simply don’t know what happens to their emails after they report it.
Have you ever wondered what happens after a phish gets reported? Does it simply fall into a blackhole? That’s what PhishLabs set out to answer during this month’s webinar.
As you are likely aware, 95 percent of data breaches, an event that occurs on a daily basis, are the direct result of phishing attacks. For as old as phishing is, it continues to be a cyber security threat because it continues to be effective and technology alone can’t combat email attacks. This is not to mention the rise in other phishing attempts through the likes of social media, messengers, and even gaming systems.