Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News & Articles

November 5, 2021 |

Sharp Tips to Dull Spear Phishing Attacks

With spear phishing looming larger on the threat landscape, channel pros must take steps to help SMBs with protective measures.

IMAGINE A SCENARIO in which a midlevel executive has been emailing her real estate agent about a transaction for weeks. In the final days of negotiation, the executive’s administrative assistant is expecting to deliver a down payment check, but at the last minute receives an email from his boss: “”Change of plans; we’re not cutting a check,”” she writes. “”Instead, please wire the funds here””—and the email includes a link with directions for entering account details.

If the assistant does as his boss instructs, he will have fallen victim in this case to “”spear phishing.”” Although it’s not a new phenomenon, spear phishing is becoming an increasingly common type of attack.

Unlike broad phishing attacks that spam large recipient pools, spear phishing employs impersonation and targets specific individuals. “”[The attackers] leverage authority and scarcity to get people to click,”” sums up Diana Kelley, CTO of SecurityCurve, based in Rye, N.H. “”They do a really good job of enticing us to click and respond.””

That’s because the “”bad guys”” are doing homework so they can tailor their attack to a specific person or organization, “”tricking end users to hand over credentials to their email account or take some kind of action,”” explains Chris Hamm, CTO of Premier One, a managed service provider based in Topeka, Kan.

Many initial spear phishing attacks begin with urgent notifications seemingly from trusted services, like Microsoft 365 or a routine file-sharing or document-signing platform. “”With any of these cases,”” Hamm says, “”once the attacker can get a valid username and password, they’re going to login directly.”” The attacker may then read dozens of emails and devise a finely tuned spear phishing plot.

The types of attacks Hamm describes are becoming “”far greater than SMBs’ ability to detect and respond,”” says Ori Arbel, CTO of Israel-based Cyrebro, a cloud-based security operations center-as-a-service provider. As a result, he adds, the SMB market lags behind in addressing the threat.

Moreover, Arbel says the average MSP is “”not as equipped to defend clients from spear phishing as they need to be.”” For instance, he says, “”Two-factor authentication is not widely adopted or enforced, and ‘don’t click’ policies are not communicated enough.””

Two-factor authentication is the biggest protective measure MSPs can take, according to Hamm. “”The Office 365 account absolutely has to have multifactor authentication,”” he stresses, adding that “”you really need it for any online account—all your banking and financial accounts, and even Amazon and Facebook.””

Kelley agrees and cites other “”really low-hanging fruit”” for MSPs to implement—namely, the DMARC email authentication protocol (so outsiders can’t spoof your address) and mail exchange (MX) records in the Sender Policy Framework (SPF) of a Domain Name System (to define the exact IP addresses permitted to send email). “”This is good mail hygiene,”” she says.

Hamm offers another set of frontline solutions: external email tagging and AI-driven email scanning.

“”Most systems include a pretty simple tag that says it’s coming from outside the organization,”” Hamm notes. “”So, if you get an email from Dave in Accounting, but there’s a tag across the top, you know it didn’t come from inside the company.””

As for email scanning, Hamm says these AI systems are “”scanning for characteristics of emails compared to other emails in the inbox or in the company as a whole to identify [suspicious] things.”” Barracuda Sentinel is one example, and it integrates with Microsoft 365.

Still, nothing is quite as effective as user awareness. “”Channel pros need to educate their users about the potential threat and ramifications,”” Arbel points out. “”Training employees on a regular basis on how to recognize common tactics and properly protect their stations is vital.””

Kelley says what’s needed is a change in the culture of response. “”There used to be a lot of dismissive comments [from channel pros] that the problem existed between the chair and keyboard. I’m happy to see that changing. We’ve got a real opportunity to engage in deeper learning that can be fun and gamified. People shouldn’t be made to feel embarrassed if they get fooled by a really good phish.””

Image: iStock


Editor’s Choice

ChannelPro DEFEND Conference Heads to NJ, Promises to Lift Cybersecurity and Profitability of MSPs

July 8, 2024 |

Register now for ChannelPro DEFEND: East in Islen, NJ, on Aug 7 and 8 for unparalleled cybersecurity learning, networking, and collaboration opportunities.

Introducing ChannelPro’s Top 20 MSPs for 2024

June 18, 2024 |

These companies lead the way in building up the IT channel, as well as ensuring that their clients run thriving businesses.


Related News & Articles

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience