In a June 27, 2011 article entitled, “Human Errors Fuel Hacking as Test Shows Nothing Stops Idiocy“, Bloomberg reports that people whose systems are compromised in spear phishing scams are idiots. Spear phishing is a scam in which the miscreant sends personalized emails to deceive the recipient into comprising data.
The article cites the alarming statistic that in Department of Homeland Security experiments, 60% of people who found USB drives in the parking lot plugged the devices into their computers. The article continues that human errors negate all the time and investment in firewalls and other technical defenses. The article cites the advice of Mark Rasch, director of network security and privacy consulting for Falls Church, Virginia-based Computer Sciences Corp and former head of the Justice Department computer crime unit:
“Rule No. 1 is, don’t open suspicious links,” Rasch said. “Rule No. 2 is, see Rule No. 1. Rule No. 3 is, see Rules 1 and 2.”
When the criminals use suspicious emails with suspicious links, for example webpages that request credentials, human stupidity is the cause and suspicion is a good response.
But times are changing. Criminals are getting smarter. The recent study, “Email Attacks: This Time It’s Personal” released by Cisco reports suspicious emails with suspicious links are being replaced by highly targeted emails that do not rely on obvious ploys to steal credentials. Criminals are moving from high volumes of ineffective emails to small numbers of well-crafted highly personalized messages that are indistinguishable from legitimate email. The problem is no longer stupidity, but the inability to tell good emails from bad emails.
Traditional security methods can’t detect and stop low volume, highly targeted spear-phishing email and training isn’t effective – so what can be done to defend the enterprise against spear-phishing? The enterprise can adopt a tool that identifies trusted email so that the target of the spear-phishing attack can distinguish real email from fake email. That tool is SP Guard from Iconix.
SP-Guard provides the recipient with three confirmations that a message is real:
- List View. There is an integrity indicator in the list view of the email client.
- Message. The open message has a further indicator of authenticity.
- Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.
SP-Guard is available now from Iconix. For further information, contact our sales team. At 408-727-6342, ext 3 or use our online form.