Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

How Do We Know About New Phishing Attacks? Because Some Human Reported It.

Keep training your people about the newest threats – the power of the collective is a critical element in how to stop phishing

We hear it all the time: “The human is the weakest link!” or “People can’t get their heads around the technology so how can we expect them to know bad when they see it?” 

Keep training your people about the newest threats – the power of the collective is a critical element in how to stop phishing

We hear it all the time: “The human is the weakest link!” or “People can’t get their heads around the technology so how can we expect them to know bad when they see it?” 

Yeah, right. 

The fact is that humans can make all the difference. At the risk of an engineer making observations about humans, I’m going to step out on a limb here and say this: people are exceptionally good at recognizing patterns. And it is through pattern recognition that your people can be trained and equipped to be your best, first line of defense. All your people. From the CEO to the newest intern, I believe everyone can, if given the right equipment, make a substantive difference in our collective security posture.

Going back to the dawn of time, we evolved to recognize and avoid danger. Whether it is someone in the north woods tuned to recognize the tracks of a bear, or an executive in Tokyo wondering why the Microsoft logo is not quite the right color; we are very good at seeing differences in things that we are extremely familiar with. What we need is to take that sensitivity to cybersecurity and arm the masses with the tools to recognize the tracks of the bear. What’s cool about this is we only need one of those educated humans to report what they see, to make a tremendous dent in an ongoing phishing attack. That’s right, just one.

Collective human power is certainly not a new concept. There are examples of crowd-sourcing information all over the place. Marketing firms use it to target buyers. Uber uses it to set pricing. Home Depot uses it to position stock in stores ahead of storms. Waze uses it to share where construction sites or delays exist. There are tons of examples of where the power of people has improved the lives of the collective. 

The power of the collective is also a critical element in how to stop phishing – especially phish that make it through the email security stack and land in an inbox, because those phish have already shown they can get around the positioned tools and technology. So, when phish bypass technology, how do these threats become known to security professionals? Humans detect and report them. 

When someone reports a threat within their inbox to the security team, those analysts can figure out the tradecraft, how to detect it, what it means, and how to respond. But not every company is equipped to have analysts at the ready, aware of all threats always. Threats can come from anywhere and there isn’t a Security Operations Center on earth that can stay ahead of it all. Even Cofense, with an army of analysts, wouldn’t be able to know the breadth of the threat without a continuous feed of information, reported into our Phishing Defense Center. We all need the source material to know what is different about this phish that looks just like that phish.

Advertisement. Scroll to continue reading.

The problem of phishing attacks is too big and too varied to depend on a few folks in a company ops center, or a vendor or two in your email flow. Organizations need humanity leveraged against this threat. So, keep training your people about the newest threats. Keep supporting those who are reporting, even if they are reporting SPAM. Keep looking at the reported emails and learning from them. And of course, leverage the power of the collective – the network effect – for its ever-evolving intelligence wherever possible to keep your employees free of all the bad stuff that has made it to their inboxes. 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybercrime

Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails.