Businesses Require New Techniques to Combat Phishing in 2018

The Verizon 2018 Data Breach Investigations Report provides valuable insights into emerging phishing threats. CISOs, IT managers and cybersecurity consultants should be aware of new phishing techniques this report raises in order to better manage the associated risk they bring.

The most exciting finding in this year’s report is the increased sophistication and prevalance of social engineering. Cybercriminals have taken social engineering to a new level by NOT using malicious file attachments or hyperlinks in emails. Rather, criminals impersonate a person of authority, colleague or business partner. They establish trust through communicating with the victim over time and then ask victim to pay a bill, send money or take other actions that can be monetised.

The other notable detail in the report is that the majority of malicious file attachments are not executable files but script files such as JavaScript, VB Script, Microsoft Office documents and PDFs. Malicious script files with malicious code are easily and inexpensively changed to bypass traditional email filters. Hence these scripts should be neutralised by an email gateway.

Lastly, the report states that 37% of malware hashes appear once, never to be seen again. This means that traditional antivirus software or spam filters are not capable of identifying and blocking phishing emails with malicious code inside. The only should have a malware sandbox instead to analyse the file attachments for malicious intent before they hit the recipients’ mailboxes. An effective way to detect these threats is to run them through a malware sandbox.

>> Read the full report here <<

About Iron Bastion

Iron Bastion are Australia’s anti-phishing and cybersecurity experts. We offer all businesses the same anti-phishing technology used by big businesses, without the big-business pricing.

Our range of anti-phishing services is cloud-based, fully managed and easily integrate with your existing infrastructure. Our team are qualified cybersecurity professionals, and all our staff and operations are based in Australia.

Contact us for a free consultation, or sign up for a 14-day free trial of our services today.

* * *


Gabor Szathmari is a cybersecurity expert and digital privacy enthusiast. In his professional life, Gabor helps businesses, including many small and mid-size legal practices, with their cybersecurity challenges at Iron Bastion.