Cisco Blogs
Share

Why phishing attacks still win and what you can do about it, Part I

- May 24, 2018 - 2 Comments

In the last few years we have seen a fundamental shift in malicious tactics leveraging social engineering techniques. Among the most effective of these are phishing attacks, where cybercriminals exploit a brand’s reputation to evade email security defenses and convince individuals to open an email and take action. While most individuals are aware that phishing attacks occur, the sophistication and frequency with which they are executed makes them an enduring and effective method to gain access to your network and sensitive data. And once they are in, cybercriminals can use your network as a launching pad for additional attacks on your employees, partners and customer base.

It can be disheartening to think that phishing, which has been in use for more than 30 years, is still an evolving, effective tool for hackers around the globe. But what’s particularly exciting is that our new offering, called Cisco Domain Protection, protects our customers against these modern, sophisticated identity-based attacks. Specifically, when it comes to preventing phishing attacks targeting an organization’s customers or supply chain partners, the most effective way to mitigate the vulnerability is to use the Domain Message Authentication Reporting & Conformance (DMARC) standard.

DMARC allows an organization to discover, authorize, and authenticate their internal and 3rd party email senders attempting to send email on their behalf. It also informs the receiving email gateway on what policy action to take if the email fails DMARC authentication. Possible actions include quarantining or rejecting the message altogether. Unfortunately, an organization’s email ecosystem is typically complex, comprising hundreds or thousands of domains and Emails sent from dozens or hundreds of third-party email sending services such as MailChimp, Marketo, or SendGrid.

Aligning all domains and senders so that email sent using your brand is authentic can be a time consuming and painful to implement without the right tools, processes, and knowledge. Cisco Domain Protection automates this process of preventing phishing with state-of-the-art features like Easy Sender Policy Framework (SPF), Hosted SPF, and Email Cloud Intelligence, enabling companies to secure internal and third-party senders quickly and accurately without interrupting legitimate email delivery.

With Cisco Domain Protection, organizations not only can prevent identity impersonation-based phishing attacks that target their customers, but can also protect their employees as the Cisco Email Security can enforce actions to reject or quarantine any message that fails DMARC authentication.

Stay tuned for part 2 of this series, as we discuss how Cisco extends protection beyond DMARC to enhance Cisco Email Security to stop advanced identity deception based attacks targeting your employees.

To learn more about Cisco Domain Protection and see a live demo, visit our booth at the Gartner Security & Risk Summit June 4-7.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

2 Comments

  1. Interesting article, would like to learn more as this is a serious issue for my organisation

    • Thank you, Didier. At the moment, we don't have another document to point you to. To learn more, I recommend reaching out to your Cisco sales rep or partner.