Page 57 - Cyber Defense eMagazine December 2023
P. 57
be used to attack any business, organisations of all kinds need to check they are comprehensively
protected.
Of course, awareness and training are the first port of call when combating phishing attacks – something
that many organisations already know about and implement. According to one study, 84% of respondents
conduct regular training to help staff understand phishing and reduce victimisation rates.
However, with threat actors becoming increasingly smart with their campaigns, it is important that firms
go a step further, embracing a variety of policies, tools and technologies to develop multi-layered security
strategies capable of bolstering defences against modern threats.
Here, we recommend technologies like HEAT Shield that can help protect users from credential
harvesting and account compromise. Not only can it cut off the attack vector from the initial access stage,
but also it can redefine the way in which security is implemented, enforcing a proactive approach to deal
with such highly evasive threats.
In the case of the Indeed.com attack, the technology successfully detected the phishing site using AI-
based detection models to analyse the rendered web page prior to any URL reputation service and other
security vendor flagging the page as malicious. During this process, it also generates zero-hour phishing
detection alerts, providing greater visibility and context of threats to security and SOC analysts.
The Indeed.com campaign is just one reminder among many of the importance of constantly evolving
and enhancing security strategies to stay one step ahead of increasingly sophisticated threat techniques.
About the Author
Brett Raybould - EMEA Solutions Architect, Menlo Security. Brett is passionate
about security and providing solutions to organisations looking to protect their most
critical assets. Having worked for over 15 years for various tier 1 vendors who
specialise in detection of inbound threats across web and email as well as data
loss prevention, Brett joined Menlo Security in 2016 and discovered how isolation
provides a new approach to solving the problems that detection-based systems
continue to struggle with.
Cyber Defense eMagazine – December 2023 Edition 57
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.