Implementing a Secure Infrastructure: Phishing Attacks & Malware

Malicious actors are taking advantage of the panic and disruption caused by COVID-19—with many of them turning to phishing emails as an effective way to lure businesses and individuals into a trap created to distribute malware, steal credentials, and scam users out of money. With the recent 667% increase in phishing attacks related to the coronavirus, organizations must ensure that their security systems are durable and preventive.

A strong, layered approach is needed when defending against these targeted phishing attacks. We’ve compiled some technical protections and tips for defending against these phishing emails and malware:

  • Use DomainKeys Identified Mail + Sender Policy Framework (DKIM+SPF) or header analysis to detect spoofed emails
  • Run active content screening at the gateway and disallow content based on policy
    • This tool will analyze any attachments and links at the gateway before passing them to the end user
  • Implement blacklists that disallow code execution
  • Implement application whitelisting
  • Monitor network and asset activity using a network intrusion detection system (NIDS) and a host intrusion detection system (HIDS)
  • Send event logs from all assets and security monitoring systems to a security information and event management (SIEM) system
  • Implement strong firewall rules both inbound and outbound
  • Block uncategorized sites; site reputation filtering controls are useful in detecting and preventing phishing attacks
  • Monitor for unauthorized software installation and disallow the ability for end users to install unauthorized software
  • Use strong malware detection and response tools such as Endpoint Detection and Response (EDR) solutions
    • These solutions defend well against today’s advanced persistent threats (APTs) and leverage behavior analysis and threat intelligence
  • Use two-factor authentication for domain administrators and consider it for all users
  • Stay on top of security patches
    • Ensure that all new technology downloaded in response to COVID-19 (such as Zoom) is adequately examined and has the correct operating systems and applications
  • Use secure configuration standards on assets
  • Perform regular phishing tests against your employees
  • Consider more frequent and robust internal and external network penetration tests
    • Put the organization’s layered security controls to the test
    • Ensure your penetration testers are testing the institution’s ability to prevent and detect attacks
    • Work with your pentesters to make sure that they’re focused on increasing preventive measures rather than only defensive measures (i.e. testing for the detection of malicious activity before it occurs)
  • Increase communications to your employees on security awareness
  • Develop specific incident response procedures to respond to phishing and malware attacks
    • Have a dedicated contact method such as a “phishing@” or “security@” email address to which employees can forward suspicious messages
    • Track the reporting rates during phishing testing (aiming to see as close to 100% of the suspicious messages reported as possible)
    • Have detailed playbooks available to all help desk staff regarding how to triage suspected phishing emails and malware infections
    • This might include disconnecting from VPN, identifying all other email recipients, or identifying other impacted users/endpoints
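
The header analysis named in the first bullet, combined with the playbook step of identifying all other email recipients, as an added example (not code from the original article). The sample message and its domains are constructed, and the code assumes the `Authentication-Results` header was stamped by your own mail gateway.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr
import re

# Constructed sample message (not a real email); all domains are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: "IT Help Desk" <helpdesk@example.com>
Reply-To: helpdesk@example-support.test
To: alice@example.org, bob@example.org
Cc: carol@example.org
Subject: COVID-19 remote access policy update

Please review the attached policy.
"""

def domain(addr):
    """Return the lower-cased domain of an address header value, or ''."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value, re.I):
            verdicts.setdefault(method.lower(), result.lower())
    return verdicts

def triage(raw):
    """Return (findings, recipients) for one reported message."""
    msg = message_from_string(raw)
    verdicts = auth_results(msg)
    # Anything other than an explicit pass is worth a finding.
    findings = [f"{m}={verdicts.get(m, 'missing')}"
                for m in ("spf", "dkim", "dmarc") if verdicts.get(m) != "pass"]
    from_dom = domain(msg.get("From"))
    # A mismatch is a triage signal, not a verdict: bulk senders often differ.
    for header in ("Return-Path", "Reply-To"):
        other = domain(msg.get(header))
        if other and other != from_dom:
            findings.append(f"{header} domain {other} != From domain {from_dom}")
    # Everyone else who received the message and may need to be contacted.
    recipients = sorted({a.lower() for _, a in getaddresses(
        msg.get_all("To", []) + msg.get_all("Cc", [])) if a})
    return findings, recipients

if __name__ == "__main__":
    print(triage(SAMPLE))
```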

By focusing on these technical measures, your organization will be in a better position to prevent these phishing attacks in the first place, and also mitigate the negative effects of these attacks when they do occur.
