The Phishing-as-a-Service trend helping drive up cyber attacks
Guest article from Lionel Naidoo from Dragon IS –
It’s Cyber Security Awareness Month, which once again shines a spotlight on the growing cyber threat facing businesses.
Did you know, last year cybercriminals stole an estimated £30.5 billion from UK firms. The equivalent of almost £60,000 every minute!
One of the most successful tactics deployed was phishing, a type of attack designed to introduce malware or trick victims into handing over sensitive information. It can take many forms; from letters and emails to phone calls, text messages and QR codes.
And it’s a big problem. According to the latest Cybersecurity Breaches Survey, 56% of businesses and 62% of charities reported data breaches in the last 12 months, with 79% experiencing a phishing attack.
Something that is leading to an increase in these types of attacks is the growing trend for Phishing-as-a-Service (PhaaS). This sees would-be criminals – even those with minimal technical skills – paying a fee to be given all they need to get started
One such operation, called LabHost, was recently exposed and arrests made. Described as a ’cyber fraud superstore’ by the ICAEW, LabHost sold phishing subscriptions for up to $3,000 a month, including email and text message templates, and facilities to harvest PINs, personal information and security question answers.
By the time the site was removed, 70,000 UK victims had been identified, while globally it’s thought the platform was responsible for the theft of around 480,000 card numbers, 64,000 PIN numbers and over 1m passwords.
So, what can businesses do to best protect against phishing?
While no security system is infallible, here are 8 steps you can take to better protect yourself:
- Invest in cybersecurity solutions such as computer, email and password security.
- Introduce regular employee training
- Implement multi-factor authentication
- Update and patch systems
- Conduct regular security assessments
- Backup your data securely
- Have an incident response plan
- Partner with an expert like ourselves here at Dragon IS
Remember, prevention will always be better than cure, so act sooner rather than later to shore up your cyber defences. For expert support, please reach out to our team on info@dragon-is.com