Nearly one in two phishing attacks are polymorphic, according to new research.
Polymorphism occurs when an attacker implements slight but significant and often random changes to an email, such as its content, copy, subject line, sender name or template, in conjunction with or after an initial attack has deployed.
This approach means that attackers can quickly develop phishing attacks that trick signature-based email security tools that were not built to recognize such modifications to threats, ultimately allowing different versions of the same attack to land undetected in employee inboxes.
This brings extra complexities to security teams who try to defend against polymorphic phishing attacks as traditional rule-based detection may be insufficient in detection and blocking.
The most cost-effective way of countering these style of phishing attacks is by arming the end-user with the knowledge to spot both the most basic style of phishing attack and these more sophisticated phishing attacks to your organisation. By providing all employees with cyber security awareness training you can help minimise the risk of these style of attacks breaching both your IT and Human Firewall.
With thanks to the Cyber Defence Alliance and Info Security Magazine. The full story is here: https://www.infosecurity-magazine.com/news/half-phishing-attacks-are/
Find out how affordable cyber security awareness training is for your organisation. Get a quote now.