Utilising technology's capacity to keep us safe

 


There is a proverb that states, "You can deceive some people all the time and all the people some of the time." This has been the foundation of numerous cyber security scams over the past 20 years because there is no such thing as 100% protection and people are naturally trusting. Despite years of security awareness training, cybercriminals continue to alter and reuse tried-and-true techniques to persuade us to open malware-filled email attachments and click harmful website links.


Search for historical security advice from pretty much any year since the internet became widely used and you will find that the majority of it can still be used. Employ secure passwords, avoid opening attachments, and avoid clicking links from untrusted websites. All very common advice. Why, then, do people continue to fall for updated versions of the same con games that have been around for at least a decade? From the viewpoint of a cybercriminal, why fix something that isn't broken? Instead, they adapt, automate, work together, and improve what already works. Excellent advice for any company!


But you can reach a situation where people can no longer be tricked, even occasionally, because they are no longer the ones in control of the decision. This can be done by placing technology between the user and the internet and having it decide whether or not to trust something. Trust becomes the essential question: by identifying what is untrustworthy or, more crucially, what cannot be trusted, various security enhancements can be made.


This is nothing new; we have been banning access to exe and bat files for years because many systems won't trust anything that is classified as a programme or executable. The list of file types that can act as a programme in the Microsoft Windows operating system is quite extensive. If you don't believe me, try to memorise this list: app, arj, bas, bat, cgi, chm, cmd, com, cpl, dll, exe, hta, inf, ini, ins, iqy, jar, js, jse, lnk, mht, mhtm, mhtml, msh, msh1, msh2, msh1xml, msh2xml, msi, ocx, pcd, pif, pl, ps1, ps1xml, ps2, ps2xml, psc1, psc2, py, reg, scf, scr, sct, sh, shb, shs, url, vb, vbe, vbs, vbx, ws, wsc, wsf, and wsh.
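A filter does not need to memorise the list. The following is an added example, not code from the original article: it applies the extension list above to the attachments of a message, normalising case and the trailing dots that Windows ignores. The sample message, addresses and file names are constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extension list exactly as quoted in the article above.
BLOCKED = frozenset(
    "app arj bas bat cgi chm cmd com cpl dll exe hta inf ini ins iqy jar js jse "
    "lnk mht mhtm mhtml msh msh1 msh2 msh1xml msh2xml msi ocx pcd pif pl ps1 "
    "ps1xml ps2 ps2xml psc1 psc2 py reg scf scr sct sh shb shs url vb vbe vbs "
    "vbx ws wsc wsf wsh".split()
)

def final_extension(filename):
    """Extension Windows would act on, lower-cased, or "" if there is none."""
    # Windows drops trailing dots and spaces, so "a.bat." is opened as "a.bat".
    name = filename.strip().rstrip(". ").lower()
    return name.rsplit(".", 1)[1] if "." in name else ""

def blocked_attachments(raw_message):
    """Return (filename, extension) for every attachment on the block list."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():              # walk() also reaches nested parts
        filename = part.get_filename()   # None for parts without a filename
        if filename and final_extension(filename) in BLOCKED:
            hits.append((filename, final_extension(filename)))
    return hits

def build_sample():
    """Constructed sample message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "supplier@example.com"
    msg["To"] = "accounts@example.org"
    msg["Subject"] = "Invoice 1042"
    msg.set_content("Please see attached.")
    for name in ("invoice.pdf", "Invoice.pdf.EXE", "update.bat.", "query.iqy"):
        msg.add_attachment(b"constructed sample bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for filename, ext in blocked_attachments(build_sample()):
        print(f"quarantine: {filename!r} (.{ext})")
```

A file name is only a label, so a check like this sits alongside the content inspection and sandboxing described in the next paragraph rather than replacing them.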


Email can be filtered and authenticated using domain settings, reputation ratings, blacklists, DMARC (Domain-based Message Authentication, Reporting and Conformance) or the protocols SPF and DKIM. Emails can also be filtered at the content level using keywords in the subject and body text, tracking pixels, links, attachments, and inappropriate images that are "Not Safe For Work" (NSFW), such as sexually explicit, inflammatory, and extremist content. Advanced systems remove extra content that is not part of the document's core, using virtual sandboxing of attachments, file integrity checks on attachments, or both. Others, such as the "Linkscan" technology, examine the documents behind a link, which may be hidden behind shortened links or many hops, and then scan them for malware, following any links in those documents to each link's final destination.
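The SPF, DKIM and DMARC checks above are normally recorded by the receiving gateway in an `Authentication-Results` header, which downstream filters then read. The following is an added example, not code from the original article, showing that read step; the gateway name `mx.example.org` and the sample messages are constructed, and it assumes the gateway strips inbound headers that claim its own identifier.

```python
import re
from email import message_from_string, policy

# Assumption: authserv-id stamped by your own mail gateway (hypothetical name).
TRUSTED_AUTHSERV_ID = "mx.example.org"
METHOD = re.compile(r"\s*(spf|dkim|dmarc)\s*=\s*([a-z]+)", re.I)

def auth_verdicts(raw_message, trusted=TRUSTED_AUTHSERV_ID):
    """Collect spf/dkim/dmarc results, only from headers our gateway added."""
    msg = message_from_string(raw_message, policy=policy.default)
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        value = re.sub(r"\([^)]*\)", "", str(header))   # drop (comments)
        authserv_id, _, results = value.partition(";")
        # A sender can put any Authentication-Results header in a message, so
        # results stamped with someone else's authserv-id are ignored.
        if authserv_id.lower().split()[:1] != [trusted]:
            continue
        for resinfo in results.split(";"):
            match = METHOD.match(resinfo)
            if match:
                verdicts.setdefault(match.group(1).lower(), match.group(2).lower())
    return verdicts

def disposition(verdicts):
    """Deliver only on a DMARC pass; anything else, or no verdict, is held."""
    return "deliver" if verdicts.get("dmarc") == "pass" else "quarantine"

# Constructed sample messages; domains and addresses are made up.
GENUINE = (
    "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=supplier.example;"
    " dkim=pass header.d=supplier.example; dmarc=pass header.from=supplier.example\n"
    "From: accounts@supplier.example\nSubject: Invoice 1042\n\nBody\n"
)
SPOOFED = (
    "Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.invalid;"
    " dkim=none; dmarc=fail header.from=supplier.example\n"
    "Authentication-Results: mx.sender-controlled.invalid; dmarc=pass\n"
    "From: accounts@supplier.example\nSubject: Invoice 1042\n\nBody\n"
)

if __name__ == "__main__":
    for label, raw in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(label, auth_verdicts(raw), disposition(auth_verdicts(raw)))
```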



Yet the area where we fall short is when trusted business partners, like our suppliers, have their email accounts hijacked. These emails easily get past spam and security filters because they come from real, legitimate email accounts, albeit ones that are now also controlled by cybercriminals. If there isn't anything suspicious in the email, like a strange attachment or link, they often go unnoticed because the sender is on an allow list. This explains why Business Email Compromise (BEC) attacks, which demand that payments for anticipated invoices be put into a "new" bank account, or present urgent yet believable invoices that need to be paid right away, are so extremely successful. Cybercriminals won't be detected if they conduct their research, copy previous legitimate invoice requests, and possibly add contextual discussion based on prior emails. Only internal procedures that highlight BACS payments, bank details that have changed, or warnings to confirm or authenticate can be helpful. Just be careful not to call the criminal by mistake: double-check the phone number in the email signature before you call. Keep in mind that SMS can be faked, so proceed with caution even if the person you were about to call has just sent you an SMS text message to confirm.
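One way to build such an internal procedure into a payment workflow, as an added example that is not from the original article: each request is compared with a supplier master record kept outside email, a change of bank details or phone number puts the payment on hold, and the number offered for the confirmation call is always the one on file. The record layout, supplier ID and all sample values are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Supplier:              # vendor master record, maintained outside email
    name: str
    sort_code: str
    account_number: str
    phone_on_file: str

@dataclass(frozen=True)
class PaymentRequest:        # fields keyed in from an emailed invoice
    supplier_id: str
    sort_code: str
    account_number: str
    phone_in_email: str
    sender_on_allow_list: bool

def digits(value):
    return "".join(ch for ch in value if ch.isdigit())

def review(request, master):
    """Return (decision, reasons, number_to_call)."""
    supplier = master.get(request.supplier_id)
    if supplier is None:
        return "hold", ["supplier not in master record"], None
    reasons = []
    requested = (digits(request.sort_code), digits(request.account_number))
    on_file = (digits(supplier.sort_code), digits(supplier.account_number))
    if requested != on_file:
        reasons.append("bank details differ from master record")
    # Simplification: compare the last 10 digits so +44 and 0 prefixes match.
    if digits(request.phone_in_email)[-10:] != digits(supplier.phone_on_file)[-10:]:
        reasons.append("phone number in email differs from number on file")
    # sender_on_allow_list is deliberately ignored: a hijacked supplier mailbox
    # is still on the allow list, so it cannot clear a change of bank details.
    return ("hold" if reasons else "pay"), reasons, supplier.phone_on_file

# Constructed sample data; names, account details and numbers are made up.
MASTER = {"SUP-001": Supplier("Acme Supplies Ltd", "12-34-56", "12345678", "020 7946 0123")}
ROUTINE = PaymentRequest("SUP-001", "123456", "12345678", "+44 20 7946 0123", True)
CHANGED = PaymentRequest("SUP-001", "65-43-21", "87654321", "020 7946 0999", True)

if __name__ == "__main__":
    for request in (ROUTINE, CHANGED):
        print(review(request, MASTER))
```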


It doesn't matter how effective your security measures are if they can be circumvented due to a flaw in another piece of software, whether at the operating system or firmware level, or via a specific application. This is why patch management is essential. There is no such thing as a perfect system, and there is also no such thing as 100% security. This is where security information and event management (SIEM) and endpoint detection and response (EDR) systems come into play. Through quick detection and repair, they can help reduce the harm, perhaps before the cybercriminals fully succeed in their objectives.


By leveraging the power of technology to safeguard us, and layering solutions to cover the numerous ways cybercriminals constantly try to trick us, we can be confident that emotional and psychological tricks and hooks won't affect technological judgements, because each one is a binary choice, either yes or no. The more we can filter out, the less likely it is that cybercriminals will consistently be able to trick some people. This enables security awareness training to concentrate on risks like social engineering schemes and trickery that technology isn't as good at stopping. In today's quickly changing world, it is difficult to spend your budget properly to cover all the bases and avoid leaving any holes.


