During the summer months, when employees and customers are away on vacation, things usually slow down for businesses. But for cybercriminals, the opposite is true because they are busy taking advantage of minimal staffing levels in companies during the vacation period to launch complex attacks.
The U.S. Federal Cybersecurity and Infrastructure Security Agency (CISA), warns that the risk of being hit by a cyberattacks rises over the holidays and summer vacation-themed phishing attacks gain momentum.
Recently, the Phishing Defense Center (PDC) published a report that highlights a new campaign in which attackers impersonate a company's Human Resources department, sending misleading emails to unsuspecting employees to open a link that mimics vacation submission requests. However, when they open the phishing page, it asks them to provide their username and password, thus obtaining their credentials. This version of business email compromise (BEC) shows how vacation-travel focused phishing campaigns have evolved.
How to protect your organization from vacation phishing this summer?
1. Provide security training for your employees before the vacation:
Schedule courses to refresh or update your organization's security policies so they are familiar with the best cybersecurity practices when they are out of the office. In addition, 55% of employees admit to relying exclusively on their mobile devices while working from vacation destinations during their days off. In addition to phishing, they are exposed to another risk, smishing, which means it’s particularly important to establish safe mobile working practices.
2. Make sure employees know how to recognize phishing attempts:
In addition to impersonating HR, cybercriminals can impersonate someone outside the office. If they have gained access to someone's calendar or email account, they will know when that person is on vacation and can impersonate them by sending messages to other employees with the aim of gaining privileged access to the system or extorting money. It is important to check the recipient of emails carefully, look for wording that looks strange and verify communications with the person sending the message to make sure it is not a hoax.
3. Draw up contingency plans:
Develop plans that serve as a guide so that you can react quickly and efficiently, limiting the impacts and scope of an attack. These plans should include a breakdown of who should be involved and their responsibilities, outlining scenarios according to team members' vacations.
4. Implement multi-factor authentication (MFA):
Deploying an MFA solution can prevent attackers from entering your organization's network if one of your staff members has been the victim of a successful phishing attack. In addition, when the solution takes into account the DNA of the mobile device, if attackers attempt to clone a user's device to gain access to the system they would be blocked, as the DNA of the device would not match.
5. Use endpoint security:
Having an advanced detection and response solution in place, capable of continuously monitoring endpoints and enabling automated blocking of anomalous user, machine and process behavior ensures that network devices are protected in the event of a cybercriminal gaining access to the company’s system as a result of a successful phishing attack.
Combining MFA and endpoint security offers many benefits in terms of protecting companies. That is why Bowens, a family-owned building supply company, did not hesitate to implement both solutions to secure its increasingly complex IT infrastructure. To add an extra layer of protection against phishing, it decided also to integrate WatchGuard DNSWatch into its security, which offers protection against phishing attacks at the DNS level.
Brendan Hart, IT Services Manager at Bowens, highlights that "networks today are so large that it's not possible to monitor all users, but by having a portfolio of WatchGuard tools, I know we have the layers of security we need."
By taking these practices into account and implementing the appropriate technology, businesses can rest assured over the summer and employees can enjoy their vacation, safe in the knowledge that they are protected against phishing.