The shift to the cloud, poor password management, and evolving web page technologies have led to an increase in phishing attacks. Despite the efforts of security practitioners to mitigate them through email protection, firewall rules, employee education, and more, phishing remains a highly dangerous attack vector.
A new report from LayerX examines today's phishing attack landscape and analyzes the safeguards organizations have in place to defend against it. The report, “The Dark Side of Phishing Protection: Are You Getting the Protection You Need?”, can help security and IT professionals better inform their organization's security posture. You can use it to identify security blind spots within your company, along with the controls and practices that provide visibility into those blind spots.
Understanding the threat: phishing statistics
Phishing is on the rise. The report draws on a variety of sources to explain the severity of the problem.
- 61% increase in overall phishing attacks against businesses
- 83% of organizations experienced a successful phishing attack
- Over 1100% increase in phishing URLs hosted on legitimate SaaS platforms
Phishing attack breakdown: Where are your protection blind spots?
Why are these statistics so high? The report details three main ways attackers exploit systems through phishing:
- Email Delivery: Attackers send maliciously crafted emails to victims’ inboxes, or deliver messages via social media, SMS, and other productivity tools.
- Social Engineering: Attackers trick users into clicking on malicious links.
- Web Access and Credential Theft: Attackers trick the user into visiting a malicious web page and entering their credentials. This stage is a blind spot in protection.
3 Alternatives to Prevent Visits to Phishing Pages
As security professionals, we also need solutions to our problems, and the report offers three ways to protect against phishing page attacks:
- Page Sentiment Analysis: Uses threat intelligence feeds to analyze the URL of the target page and calculate a score. Gap: These feeds cannot technically cover all threats and risks.
- Browser Emulation: Runs suspicious web pages in a virtual environment to reveal any phishing or other malicious features embedded within them. Gap: It is resource intensive and introduces latency, making it difficult to apply at scale.
- Browser Deep Session Inspection: Analyzes all live web sessions from within the browser, inspects the step-by-step assembly of web pages to detect phishing behavior, and triggers session termination or disablement of phishing components.
Browser deep session inspection protects organizations at the critical point where attacks achieve their objective: the browser itself. It therefore succeeds where other solutions fail. If an email protection solution fails to flag a particular email as malicious and it passes through to an employee's inbox, or if an employee clicks on a link within the email, the browser security platform blocks the attack.
More information: Browser Security Platform and Deep Session Inspection 101
The key takeaway from this report is that IT and security professionals should evaluate a browser security platform as part of their anti-phishing stack. Such a platform detects phishing pages, disables their password-stealing capabilities or ends the session entirely, and deeply inspects browsing events to provide real-time visibility, monitoring, and policy enforcement.
Here's how it works:
- The browser receives the code for the web page.
- The browser begins executing the page.
- The browser security platform monitors the page and uses ML to detect phishing components.
- The browser security platform disables the page's phishing capabilities.