We recently heard from DNSFilter, who leveraged the company’s domain categorization and filtering technology, along with the 27 billion DNS queries processed daily, to produce insights web-based threat research completely unique to the cybersecurity industry.
DNSFilter saw significant increases across threat types in 2022 over the last six months, including a 300% increase in phishing traffic.
Peter Lowe, Principal Security Researcher at DNSFilter shared his top phishing defense tips for IT and users to prevent attacks:
Corporate IT: Block newly registered domains. They are your enemy.
New domains are the biggest threats when it comes to phishing attacks. These attacks are often assembled quickly from kits, meaning it’s easy for hackers to get new sites up as their old ones are taken down. Old methods, like a list of threat feeds, aren’t enough to combat today’s sophisticated phishing campaigns. Every new link you encounter has the possibility of being a phishing website or other malicious site—especially websites that have only been registered in the last 30 days. You can prevent your employees from falling prey to phishing schemes and opening your network up to attackers by implementing AI-driven protective DNS (often referred to as PDNS) and blocking new and uncategorized domains, in addition to known phishing sites. When DNS protection is in place, it can mitigate 33% of all data breaches. It’s a lightweight but powerful layer that will keep your entire organization safe.
Users: If something strikes you as suspicious, treat it as phishing until proven otherwise.
The ability to recognize a phishing attack is the first step to preventing them. While a lot of phishing attack attempts are engineered to be deployed as broadly as possible, spear phishing campaigns target specific individuals or businesses instead of sending out mass emails indiscriminately. There can be a lot of range in how a spear phishing attack appears, but the main goal is always deception through highly customized attacks. If something strikes you as suspicious, treat it as phishing until proven otherwise. Check link names and verify questionable requests externally when possible (like if you receive an email from your CEO asking you to buy $500 worth of gift cards, call them to confirm before doing it). Be mindful that phishing isn't just done via email. In fact, a major component of most phishing campaigns is a phishing website page. Phishing websites can be found in emails, malicious ads, search results, or even linked from trustworthy pages.