We say things like: DO NOT CLICK ON Phishing emails!!
But then Equifax creates www.experianidentityservice.co.uk??? or creditexpert.co.uk/login/login
Bsides in London earlier this year had a presentation by Meadow Ellis (@notameadow).
Meadow makes a good point: we as cybersecurity professionals ask users to be careful what they click, and then somebody in the company registers a difficult-to-read domain name because the easy ones are taken.
So if a user can at times be duped into clicking on malware (let's face it, users will never be 100% accurate), then we must assume the attackers can get into one of our systems inside the firewall.
This scenario is why we need a zero-trust network architecture. In a zero-trust network we assume the bad guys are everywhere, so identity management has to be hardened.
Assume that phishing will work eventually in your environment
Here is where the phishing domains are actually coming from (Paloaltonetworks.com post):
You see the problem: the hosting companies are all in the USA, so, as I mentioned, the attackers are already in our midst.
Your risk management and Cybersecurity plans need to reflect that.
Your marketing efforts should reflect a simple domain structure that makes sense, so that when phishers try to scam your customers, the customers will hopefully see through the bad domains.
As per the ISACA presentation "State of Cybersecurity", 90% of all US federal breaches start with a phishing email.
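One way to catch this before marketing launches a new site is to check every hostname against the registrable domains the brand actually owns. This is an added example, not code from the original post; the brand-to-domain mapping and the short public-suffix set are constructed for illustration (a real check would use the Public Suffix List).

```python
"""Flag hostnames that embed a protected brand name but sit outside that brand's own registrable domain."""
import re

# Constructed for this example: brand name -> registrable domains the organisation controls.
BRAND_DOMAINS = {
    "experian": {"experian.co.uk", "experian.com"},
    "equifax": {"equifax.co.uk", "equifax.com"},
}

# Minimal multi-label public suffixes for the sample inputs (assumption: a real
# deployment would load the full Public Suffix List instead).
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au"}


def registrable_domain(host: str) -> str:
    """Return the registrable part, e.g. 'creditexpert.co.uk' for 'www.creditexpert.co.uk'."""
    labels = host.lower().strip(".").split(".")
    # Keep two suffix labels for co.uk-style suffixes, one label otherwise (com, net).
    suffix_len = 2 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 1
    return ".".join(labels[-(suffix_len + 1):])


def classify(url_or_host: str) -> dict:
    """Classify a URL or hostname against the brand list.

    verdict is 'brand-owned' (brand name under a domain we own),
    'brand-lookalike' (brand name under a domain we do not own, the
    experianidentityservice.co.uk pattern) or 'unrelated' (no brand name at all).
    """
    # Strip scheme, path and port so a full URL can be passed in.
    host = re.sub(r"^[a-z]+://", "", url_or_host.lower()).split("/")[0].split(":")[0]
    reg = registrable_domain(host)
    for brand, owned in BRAND_DOMAINS.items():
        if brand in host:
            verdict = "brand-owned" if reg in owned else "brand-lookalike"
            return {"host": host, "registrable": reg, "brand": brand, "verdict": verdict}
    return {"host": host, "registrable": reg, "brand": None, "verdict": "unrelated"}


if __name__ == "__main__":
    for sample in ("www.experianidentityservice.co.uk",
                   "https://www.experian.co.uk/login",
                   "creditexpert.co.uk/login/login"):
        print(classify(sample))
```

An 'unrelated' verdict on a site the company runs, like creditexpert.co.uk above, is the other half of the problem: the hostname gives customers nothing to recognise, so it is just as easy to imitate.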
Contact us to discuss your cybersecurity risk management profile.