Neustar Engineering reported that there are millions of phishing emails every day since most “email servers don’t actually block email that may be spoofed and may even fail authentication at some level.” The August 20, 2015 blog entitled “Ten Cyberthreats Outside the Firewall” included the following comments about phishing and about the importance of training because “Not opening the email in the first place is your best bet”:
A user that falls for a phishing email may expose a network to malware or spyware. Malicious emails may contain links to ‘look-a-like’ sites that fool visitors into exposing credentials or passwords. This may be the first step towards a broader cyberattack. Once again, training is critical. Firewalls and Recursive DNS servers can be used to block users from reaching malicious websites. Anti-virus software that checks all attachments can also be an effective measure against poisoned attachments.
Here’s the list of all Ten Cyberthreats:
- Social Exploits
- TLD Hijacking
- Domain Hijacking
- UDP Flood
- Slow and Low Denial of Service Attacks
- SYN Floods
- Click Fraud
- Registration Fraud
- WiFi Snooping
No surprises in this list, but apparently solving these problems is not easy since they persist.