1 / 40

Phishing Attacks per Year

The impact of email-borne threats Why companies should recognise and embrace the need for change. Phishing Attacks per Year. Source: RSA (2014). Phishing Campaigns per Year. Source: APWG (2013). Reality Check. Change in measurement methodology. 300% increase. Source: APWG (2013).

simone
Télécharger la présentation

Phishing Attacks per Year

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The impact ofemail-borne threatsWhy companies should recognise and embrace the need for change.

  2. Phishing Attacks per Year Source: RSA (2014)

  3. Phishing Campaigns per Year Source: APWG (2013)

  4. Reality Check Change in measurement methodology 300% increase Source: APWG (2013)

  5. The Thin End of the Wedge

  6. Why is Accurate Measurement Important? “To measure is to know… If you cannot measure it, you cannot improve it.” Lord Kelvin

  7. Getting Upstream for Accurate Measurement Current measurement Downstream vendors Fuller picture Data filters New measurement Upstream ISPs

  8. Upstream insights

  9. Full Spectrum of Email Threats Active Emailing Domains Non-Sending Domains Defensively Registered Domains

  10. Full Spectrum of Email Threats Unaffiliated Domain Threats Look-a-like Domains Subdomains of Another Domain Different Brands’ Domains Active Emailing Domains Unaffiliated Domains Direct Domain Threats Non-Sending Domains Generic Domains Defensively Registered Domains

  11. 3D Vision Impact • 3 dimensions of email threats: • Nature of threat • Size of attack • Efficacy • Combinations determine impact • All data points available upstream Nature of threat Size of attack Efficacy

  12. 1st Dimension: Nature of Threat Phishing (Direct Domain Threat) 419 (Unaffiliated Domain Threat)

  13. 1st Dimension: Nature of Threat Malware (Direct or Unaffiliated Domain Threat?) Malware (Direct Domain Threat)

  14. 1st Dimension: Nature of Threat Credit score spam (Direct Domain Threat) Pharma spam (Unaffiliated Domain Threat)

  15. 1st Dimension: Why Differentiate? • Different scams will concern different departments • Prioritise based on impact to organisation • Different threats have different remedies

  16. 2nd Dimension: Attack Size • Getting upstream enables us to see how many emails were sent in a given attack

  17. 2nd Dimension: Why Measure Attack Size? • Quantify risks • Prioritise risks • Justify the right investments • Measure ROI

  18. 3rd Dimension: Efficacy ISPs decide what is good and what is bad, but don’t always get it right… Phishing Users decide what is good and what is bad, but don’t always get it right… Phishing Legitimate Phishing Phishing

  19. 3rd Dimension: Efficacy Lots of inbox noise on a daily basis What happens today will affect what happens tomorrow

  20. 3rd Dimension: Why Measure Efficacy? • Quantify impact • Prioritise risks • Justify the right investments • Measure ROI

  21. The Benefits of 3D Vision • Upstream data enables accurate risk assessment • Downstream metrics are inadequate: • No visibility into size of attack • No visibility into efficacy Impact Nature of threat • Upstream data enables us to see true impact Size of attack Efficacy

  22. Impact of Attack: Security Perspective • Fraud losses • Call centre support • Remediation: • Site shutdown • Reset accounts • Credential recovery • Investigation & reporting • Malware  secondary losses • Negative publicity

  23. Impact of Attack: Reduced ROI of Email Program Attack end Attack start 90% average 32% drop 58% low

  24. The pay-off

  25. Addressing email-borne threats

  26. Addressing email-borne threats

  27. Addressing email-borne threats

  28. Addressing email-borne threats

  29. Addressing email-borne threats

  30. Addressing email-borne threats

  31. Addressing email-borne threats

  32. Addressing email-borne threats

  33. Traditional Approach to Phishing Prevention Phish Site Detected Phish Site Takedown Impact @ Time Phishing Email Campaign Deployed

  34. Phishing Prevention With Return Path Phish Site Detected Advanced Detection: Provides enhanced visibility into emerging threats. Proactive Blocking: Drives down the negative impact of phishing. Phish Site Takedown Data Integration: Real-time URI data feeds facilitate faster takedown of malicious sites. Impact @ Time Phishing Email Campaign Deployed

  35. What can you do …

  36. 3-Step Plan to Effectively Manage Risk • Build partnership plan between Security and Marketing • Gain visibility into full spectrum of email threats • Leverage latest technologies to: • Develop a holistic view of detection • Proactively block fraudulent messages • Increase the ROI on existing solutions

  37. Conclusions …

  38. Conclusions • Old metrics are inadequate and incomplete • New technologies offer “3D vision” • It is not just a security concern … it must be enterprise-wide • New technologies: • Reduce fraud • Improve performance of email programs

  39. Thank you Ken Takahashi General Manager, Anti-Phishing Solutions Return Path ken.takahashi@returnpath.com www.returnpath.com/security +61 2 8188 8700

More Related