Phishing attacks have been around for some time now and as evidence by some of the more well-known attacks (WannaCry for example) can be wide spread and very devastating. With that said, we are starting to see a more targeted and sophisticated type of attack that we’ll call a “Trusted Phishing attack”. Forsyte knows of two organizations that this has happened to in the past week and we are hearing stories of it almost daily on the national level. A trusted phishing attack starts off just like any other phishing attack. The difference is that once the initial account is compromised the perpetrators initiate a much subtler attack. They will first make changes to the compromised account making impersonation going forward difficult to detect. Once these settings are in place they will make contact to both internal and external users posing as the compromised user. Because this secondary account is coming from a known trusted user the success of obtaining sensitive information skyrockets. Real world examples of what we are seeing would be PO approvals or Direct Deposit changes.
To prevent these devastating attacks, we at Forsyte IT Solutions have worked hand in hand with Microsoft to put together a solution we call Phish Hunter.
Phish Hunter actively monitors users for “Trusted Phishing Attacks” using known attack vectors as well as locally gained insights. When an attack is identified the Phish Hunter solution proactively remediates the threat. Utilizing the built-in alerting and remediation features of Phish Hunter allow you to target and stop these attacks in their tracks saving untold resources (man hours, money, bad publicity).
For more information about Phish Hunter, please contact us at firstname.lastname@example.org. We also may be able to find Microsoft funds to cover the installation charge.
Please note that Phish Hunter requires that you have a minimum of a Office 365 Enterprise E5/A5 and EMS E5/A5 license.