The top 10 phishing lures of 2015
End users in my company have fallen for some of these lures, so while it might not seem a solid "news" item to some, I say awareness is always a good thing.
Source: Techworld
Years after they were first used to catch out unwary users, simple phishing scams sent via email are both common and effective. On the face of it this is surprising. Businesses installed email-filtering gateways a decade ago, some even investing in technologies designed to authenticate messages such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM)and Domain-based Message Authentication, Reporting & Conformance (DMARC).
While this has made some difference in filtering out spam and unwanted messages, phishing email has evolved to counter these techniques. The plain truth is that users have to open email, some of that will have been targeted well enough to allay suspicion, and getting around the defences that have been thrown up is still more than possible.
Focus has shifted from using technology on its own to user training even if this promises only an imperfect cure. But user awareness can and does make some difference.
Here we present a top ten list of phishing lures as compiled by email security-as-a-service firm Proofpoint. These represent the most common techniques based on their own filtering of messages. How may of us wouldn't be swayed to click on at least one of these?
While this has made some difference in filtering out spam and unwanted messages, phishing email has evolved to counter these techniques. The plain truth is that users have to open email, some of that will have been targeted well enough to allay suspicion, and getting around the defences that have been thrown up is still more than possible.
Focus has shifted from using technology on its own to user training even if this promises only an imperfect cure. But user awareness can and does make some difference.
Here we present a top ten list of phishing lures as compiled by email security-as-a-service firm Proofpoint. These represent the most common techniques based on their own filtering of messages. How may of us wouldn't be swayed to click on at least one of these?
Comment