When we talk about legacy security challenges and solutions, we can’t forget about our old friends email and phishing.  Phishing has been around for over 20 years and is still one of the most effective attack paths to steal credentials, exploit endpoints, and deploy malware.  After 20 years, you’d think we could find effective solutions to thwart these attacks.

Email has been around for over 50 years, evolving a set of protocols and standards that make up our current email systems.  However, a number of these protocols and standards are inherently insecure.  As an industry, we’ve attempted to deploy solutions to protect against these flaws.  We’ve tried email filtering, web filtering, attachment scanning, spoofing prevention, and even user awareness training.  Yet, phishing still works.  Will we ever find a solution?

We recently interviewed Kevin O’Brien, CEO and Co-Founder at GreatHorn, on Enterprise Security Weekly to discuss phishing, the latest attacks, and approaches to prevent these attacks.  Kevin shared the details of a massive cyberattack propagating via redirector domains and subsidiary domains.  The challenge with these types of attacks is that traditional email security tools won’t detect them, as the domains are legitimate, but using redirects to propagate them.  The end result of this attack is credential theft, deployed malware, and potentially a future business email compromise.

GreatHorn recommends that security teams immediately search their organizational email for messages containing URLs that match the threat pattern (http://t.****/r/) and remove any matches immediately.  If you don’t have the resources, GreatHorn provides the most comprehensive email security platform, giving organizations the sophisticated email security control required, including the ability to:

  • Detect and block attacks before they reach end users.
  • Reduce attack engagement by warning users during an attack of potential threats.
  • Limit exposure by automating incident response and remediation after an attack.

To get a better overview of the details of this attack, watch the interview on Enterprise Security Weekly here, watch their on-demand webcast, Preventing Phishing Scams in the New Perimeter-less World, or visit securityweekly.com/greathorn for more information.