If you have read some of my recent security postings, especially this one, then you should already be signed up to receive CERT notifications. (If not, WHY?) You would have received a US-CERT alert about a “Phishing Campaign Linked with ‘Dyre’ Banking Malware”. Have you read it? AND acted on it? (Here is the US-CERT Alert if you have not read it.)
The most important action item is to educate your users. Yes, you have firewalls and antivirus configured, and perhaps a URL filtering service. And that’s good. But the best defense against phishing is an educated user community. You should be sending out an email on a regular basis, perhaps quarterly, educating your users on what phishing is and how to recognize it. (It would make more impact if this email came from your CIO or IS-VP.) AND make sure to let them know that banks and other institutions will never ask for sensitive data via email. You should include a sample phishing email (with attachments and embedded links removed, of course).
How do you get a sample phishing email? Well, if you have trained your users properly, they will be sending them to you on a regular basis. If they forward these emails to you with a note such as “Received this today… it looks fishy, so I just deleted it, but wanted to let you know”, then you have done well in your training!! Otherwise, just check the inboxes of your upper management and finance personnel. Believe me, they are getting them on a regular basis, because they are being targeted. Hackers and scammers (otherwise known as “Slimy Scum-Bags”) are not emailing the whole world anymore… instead, they are sending their mucky-muck to the people who have the access and power. And this strategy is working. Make sure to educate these users… frequently!
Let me repeat: The BEST defense against phishing is an educated user community!
Make it so. (In my best Captain Picard voice.)