"What cybersecurity threat are you seeing most in the field?"
Mike: Definitely sophisticated phishing attacks. Specifically, spear phishing [i.e., directed at a specific person]. We see where people in financial roles are being targeted.
The last one I saw was really crazy. It 100% looked like, “Hey, I’m supposed to enter my MS 365 credentials,” and it stole the credentials, and it stole the MFA.
Where it excelled is, there isn’t a ton of email content, and the subject line looks legit.
When you click on the link inside the email, a second window pops up, and it does the animations for Office 365 and everything. And when you input your info, it actually passes the username and password back to Office 365 to check them.
Then it passes them along to do the MFA.
"How does falling for an attack like this affect someone?"
Mike: They feel embarrassed. Then you worry if they’re going to tell you about an attack the next time it happens.
They don’t want to be the one to cause the problem.
"What are some tools to help businesses protect themselves from cyberattacks?"
Mike: User education, EDR, MDR, and Avanan.
Avanan does a really good job of examining potential security problems in your email:
- Has this person ever contacted you before?
- Does the nature of this seem suspicious?
- Does it have a weird attachment?
Also, MFA on accounts helps a lot, especially for people who control important information or who might be targeted.
Cybersecurity by WYRE
The constant changes in vulnerabilities and methods of attack on computer networks present an enormous challenge to modern businesses.
WYRE understands how difficult it can be to stay current on updates, emerging technology, and industry news.
We offer every business—small and large, new and established—targeted security solutions for what matters most: email, endpoints, and networks.