A new study by FireEye, an email and web threat protection company, found that cybercriminals are getting smarter in their attempts to target and infect corporate systems with the number of infections rising by 225% from 2H 2011 to 1H 2012. Their study shows:
- Malware has significantly increased bypassing traditional security measures.
- While healthcare and energy/utilities are particularly susceptible, the technology sector continues to be the most targeted.
- Spear-phishing emails that contain malicious links and attachments are the primary channel for attacks enjoying a 56% increase in their success rates.
- Cybercriminals are using limited-use domains as well as increasing their diversity and frequency in using malicious email attachments to pierce your defenses.
Source: FireEye Advanced Threat Report – 1H 2012
To protect yourself from malicious attacks, it’s important to identify yourself as a legitimate sender.
- Authenticate your email with DKIM and SPF. By signing your email, ISPs can identify which domains legitimately belong to your company and thwart phishers.
- Get whitelisted. If you have a good sending reputation you can apply for your IPs to be put on a whitelist. This helps ensure your emails get delivered over your legitimate IPs.
- Use a reputable provider. Choose one that has security measures in place to help protect your email streams and has relationships with the ISPs which can be leveraged on your behalf.
- Monitor your deliverability. Your delivery metrics will alert you to changes in your email program.
- Educate your customers. Consumers continue to click on malicious links particularly those from social media outlets. Teach them how to recognize your email streams so they don’t become victims of fraud.
Read the full report. Download FireEye’s Advanced Threat Report 1H 2012.