///////////////////////////////////////////////////
t cht lk
SOMETHING ‘PHISHY’:
HOW TO IDENTIFY AND
AVOID PHISHING SCAMS
Phishing might be one of the oldest tricks in the books
for cybercriminals but it remains a significant threat,
with sophisticated new attack methods constantly
emerging. Harish Chib, Vice President, Middle East
and Africa, Sophos, outlines some of the current
trends and offers some advice to help businesses and
organisations protect themselves.
P
hishing is one of the most common
attack vectors for hackers who exploit
end-user behaviour as the weakest link
in an organisation’s cyberdefence. For years,
criminals have disguised attacks in emails and
today we see phishing emails as a primary
delivery method for ransomware payloads.
Phishing emails have led to massive data
exposures, which caused major reputational
and financial damage in the private and
public sector over the last few years.
As cybercriminals continue to prey on
employees through their technology, they
are always taking measures to be one step
www.intelligentcio.com
ahead. In an organisation all it takes is one
employee to take the bait.
Today’s phishing attacks are so prevalent
and so convincing across organisations.
What started off as simply ‘phishing’ has
now developed into three branches of
attacks: the classics, mass phishing and
spear phishing, and the recently emerging
trend of business email compromise acting
as a subset of spear phishing.
Business email compromise (BEC) is
associated with employee email accounts
being compromised rather than the sender
“
CYBERCRIMINALS
WILL CONTINUE
TO TAKE
ADVANTAGE OF
OPPORTUNITIES
AS LONG AS THEY
ARE GETTING
THEIR MONEY.
THE FIGHT IS
CHALLENGING
BUT IT’S
SOMETHING WE
CAN WIN.
INTELLIGENTCIO
95