Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Guarding against phishing

Derek Manky | June 3, 2011
Google has recommended that Gmail users begin using a two-step verification process that requires users to enter a code, sent to their phone, after they have entered their password and here are some more tips about combating the threats.

 

Spear-phishing involves a direct target. These are premeditated and much more effective thanks to a higher level of social engineering. These attacks usually go after specific criteria, such as database credentials.

 

Whaling is simply spear-phishing, but going after high profile targets, such as celebrities or C-Level executives.

 

Vishing is phishing over telephone systems. It is more common to vish on response (requiring the victim to call-back), rather than directly vish with an initial phone call

No matter what type of phishing attack is used, the same security practices outlined above should apply; especially in the cases of spear-phishing, since they can be quite custom, making it more important to detect at the earlier stages (baiting/hooking).

 

Derek Manky, is Fortinet's senior security strategist

 

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.