How to Handle Sophisticated Credential Phishing Attacks?

Asked By TechyTaco123 On

I'm dealing with a serious issue regarding sophisticated credential phishing attacks. Recently, I've encountered a situation where an adversary hacks a user's Outlook inbox in another organization and creates shareable links to files in their SharePoint. These links are malicious but appear legitimate because they're sent from a compromised account within a trusted organization. The emails come through as regular notifications from Microsoft, making it difficult to detect the threats. Given that most users report these issues only after being targeted, I'm looking for the best strategies to combat these undetectable phishing attacks. Any advice?

3 Answers

Answered By CyberSleuth55 On

User training is essential, but you should also consider using browser inspection tools like a CASB product. This can help mitigate risks as users navigate potentially dangerous links.

Answered By CleverPanda98 On

One of the first things you can do is stop adding organizations to your whitelist. Our whitelist has zero entries. If organizations want their emails delivered, they need to set up proper security measures like SPF, DKIM, and DMARC. Remember, we're in the Zero Trust era now; you should trust no one, not even your colleagues or newly provisioned devices. User training is crucial, along with policies addressing testing failures—like serious consequences for repeat failures.

Answered By PhishingSysGuru On

Consider using Mimecast for URL protection and inspection. If a user clicks a bad link, Mimecast can sandbox the link and test it against your defined security policies. If the link is deemed legit, they can proceed; if not, it gets blocked with a notification. While it's not perfect, it helps reduce risks. Just beware that it may not catch everything—especially compromised accounts that send malicious SharePoint links.
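
The answers above combine into one mail-triage rule: no sender allowlist, require a DMARC pass, and still send any SharePoint link hosted in another tenant to URL inspection. The sketch below is an added example, not code from any poster or product named in the thread; the tenant name `contoso`, the sample message, and the verdict labels are constructed assumptions.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlsplit

OWN_TENANT = "contoso"  # assumption: your own Microsoft 365 tenant name

# Constructed sample: a share notification that passes sender authentication
# but links to a file in another organization's tenant.
SAMPLE = """\
From: Jane Doe <jane@partner.example>
To: user@contoso.example
Subject: Jane Doe shared "Invoice Q3" with you
Authentication-Results: mx.contoso.example; spf=pass; dkim=pass; dmarc=pass
Content-Type: text/plain

Open: https://partnerorg-my.sharepoint.com/:b:/g/personal/jane/EXAMPLE
"""

URL_RE = re.compile(r"https?://[^\s\"'<>\[\]]+", re.I)
# <tenant>.sharepoint.com (sites) or <tenant>-my.sharepoint.com (OneDrive)
HOST_RE = re.compile(r"^([a-z0-9-]+?)(-my)?\.sharepoint\.com$")

def body_text(msg):
    """Concatenate every text/* part (plain and HTML) of the message."""
    return "\n".join(p.get_content() for p in msg.walk()
                     if p.get_content_maintype() == "text")

def sharepoint_tenants(text):
    """Tenant names of all links whose host is really under sharepoint.com."""
    tenants = set()
    for url in URL_RE.findall(text):
        m = HOST_RE.match((urlsplit(url).hostname or "").lower())
        if m:
            tenants.add(m.group(1))
    return tenants

def triage(raw, own_tenant=OWN_TENANT):
    """Return (verdict, external_tenants) with no sender allowlist consulted."""
    msg = message_from_string(raw, policy=policy.default)
    # Assumption: this header was stamped by your own gateway, not the sender.
    auth = str(msg.get("Authentication-Results", "")).lower()
    if "dmarc=pass" not in auth:
        return "quarantine", []
    external = sorted(sharepoint_tenants(body_text(msg)) - {own_tenant})
    # A DMARC pass authenticates the domain, not the person behind the account,
    # so external share links still go to URL inspection.
    return ("inspect", external) if external else ("deliver", [])
```

The host pattern is anchored, so a lookalike such as `contoso.sharepoint.com.evil.example` is not counted as a SharePoint tenant and needs its own URL-reputation handling.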
