Phishing has flourished in recent years for businesses of all sizes. The consequences can lead to a tarnished reputation and loss of business.
Usually, the attacker will research personal information about the individuals in order to make their messages sound more convincing.
The availability of personal information via social media has made this process a lot easier for cyber criminals, this stresses the importance that businesses must educate their users to be vigilant at all times, especially in their personal online activities.
Reacting to the attacks on the BBC (http://www.bbc.co.uk/news/technology-21879230) and offering advice to other organisations to avoid such attacks, Wieland Alge, IT security pioneer, inventor of one of the most robust corporate firewalls and VP and General Manager EMEA, Barracuda Networks writes:
The form of the recent attacks on the BBC is very common. Criminal organisations dealing in internet attacks now focus their activity where users are most active: social networks. Drive-by-downloads are an effective tool, as they do their damage with just a single click in a tweet or Facebook post. Common sense will remain the first line of defence, but anyone surfing without the proper and up-to-date technical security measures risks falling victim to an attack through only a moment’s lapse.
Some Security vendors offer free-to-use systems for users to avoid such attacks such as our Profile Protector, which scans for dubious objects and malicious links, protecting the user from attacks.
“The attacks on the BBC used another common form of attack, which includes using email addresses stolen from specific databases using ‘SQL injection’ to launch targeted spear-phishing attacks against email users. To mitigate against this, protecting your databases using properly configured web application firewalls (WAFs) should be a no-brainer.