Incident Response, TDR

Phishing continues to be effective, McAfee Labs report shows

Phishing continues to be an effective tactic, according to the McAfee Labs Threats Report: August 2014.

Out of 16,000 business users who took the McAfee Phishing Quiz, which asks users to select if they are viewing a phishing email or legitimate email, 80 percent fell for at least one of seven phishing emails, according to the report.

Human resources staffers performed the worst, with employees in accounting and finance falling not far behind, the report indicates, adding research and development staff performed the best, with IT workers being a close runner-up.

McAfee observed that spoofed email addresses was most effective at fooling respondents, explaining in the report that a UPS phishing email using this tactic, coupled with carefully placed branding elements, was the most successful.

Persistence pays off – one successful phish can cause a breach and enable attackers to gain access to corporate networks, Rohyt Belani, CEO of PhishMe, told in a Friday email correspondence.

“Rather than trying to reduce susceptibility to zero (which is impossible), organizations should focus on improving attack detection by nurturing human sensors that will report suspicious emails,” Belani said. “This ensures that even if an employee does fall prey to an attack, others that were targeted by the same or a similar attack identify it and report it to the incident response team in a timely manner.”

Some tell-tale signs of phishing are emails that appeal to emotions through fear or urgency, contain and ask users to open unexpected links or attachments, request login credentials, and contain elements such as overly generic text and greetings, Belani said.

In a Friday post, Symantec warns that the Kelihos botnet is being used to send phishing emails purporting to be from Apple.

In a sample email, the message indicates that the user's Apple ID was used to make a purchase on a device not previously linked to that account. The user is urged to check their Apple ID by clicking a link in the email. Clicking the link brings the user to an Apple phishing page that asks for an Apple ID and password, and presumably steals the credentials if entered, the post indicates.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.