Perhaps you saw the Forbes article on the increasing prevalence of spear-phishing attacks that we included. The article, entitled “Spear Phishing 101 – Who Is Sending You Those Scam Emails And Why?”, examines the social engineering behind these attacks and how they have evolved from obviously fake emails into sophisticated messages that exactly mimic the email you see every day and are socially conditioned to respond to quickly, with little or no thought. No wonder companies are spending time and money on programs that train employees to avoid falling victim to spear-phishing and accidentally leaking organizational information in the process. However, as other studies have shown, it is often a company's top executives, and thus the biggest targets of spear-phishing (called whaling at the executive level), who are the most lax about following security protocols.
So what else can be done?
There is an important emerging standard called Domain-based Message Authentication, Reporting and Conformance (DMARC), which builds on the long-standing email authentication mechanisms Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to virtually eliminate unsolicited email. Currently ~80% of US consumer email receivers, and ~65% worldwide, respect a published DMARC policy, removing hundreds of millions of malicious emails daily from consumer mailboxes. Corporations are increasingly adopting this protocol and working with Agari and their third-party vendors that send email on their behalf to implement it as well. Anyone who wants to take a proactive approach to eliminating all types of malicious email, including spear-phishing, should investigate and implement DMARC immediately.
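As an added illustration (not code from the original post or from Agari), here is how a receiving mail server applies a published DMARC policy: it combines the SPF and DKIM results with DMARC's alignment check against the From: domain and, on failure, applies the disposition the domain owner requested. The DNS record, domains and per-message results are constructed sample data, and the organizational-domain helper is a simplification.

```python
# Added example, not from the original post: how a receiving mail server applies a
# published DMARC policy using SPF and DKIM results (RFC 7489 semantics). The DNS
# record and the per-message results below are constructed sample data.
from typing import Dict, Optional

# Constructed: the TXT record a domain owner publishes at _dmarc.example.com
SAMPLE_DMARC_TXT = "v=DMARC1; p=reject; adkim=r; aspf=s; rua=mailto:dmarc-reports@example.com"

def parse_dmarc(txt: str) -> Dict[str, str]:
    """Parse a DMARC TXT record into its tag=value pairs; 'v' and 'p' are mandatory."""
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record")
    return tags

def org_domain(domain: str) -> str:
    """Simplified organizational domain (last two labels); real receivers use the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: Optional[str], from_domain: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r') the same organizational domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def evaluate(record: Dict[str, str], from_domain: str,
             spf_result: str, spf_domain: Optional[str],
             dkim_result: str, dkim_domain: Optional[str]) -> Dict[str, str]:
    """DMARC passes when SPF or DKIM passes AND that identifier aligns with the RFC5322.From domain.
    Otherwise the receiver applies the disposition the domain owner requested in the p= tag."""
    spf_ok = spf_result == "pass" and aligned(spf_domain, from_domain, record.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(dkim_domain, from_domain, record.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return {"result": "pass", "disposition": "none"}
    return {"result": "fail", "disposition": record["p"]}

if __name__ == "__main__":
    policy = parse_dmarc(SAMPLE_DMARC_TXT)
    # Legitimate mail: SPF passes only for a subdomain (fails strict aspf), but DKIM d=example.com aligns.
    print(evaluate(policy, "example.com", "pass", "mail.example.com", "pass", "example.com"))
    # Spoofed From: SPF passes for the sender's own domain and there is no DKIM for example.com -> reject.
    print(evaluate(policy, "example.com", "pass", "bulk-sender.example", "none", None))
```

The second case is the spear-phishing scenario the article describes: the message authenticates for the domain that actually sent it, but not for the domain it claims in From:, so the receiver enforces p=reject.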