Phishing is defined by the Financial Services Technology Consortium (FSTC) as a broadly launched social engineering attack in which an electronic identity is misrepresented in an attempt to trick individuals into revealing personal credentials that can be used fraudulently against them. In short, itís online fraud to the highest degree.
Although itís been around for years, phishing is still one of the most common and effective online scams. The schemes are varied, typically involving some combination of spoofed email (spam), malicious software (malware), and fake websites to harvest personal information from unwitting consumers. The explosive rise of mobile devices, mobile applications, and social media networks has given phishers new vectors to exploit, along with access to volumes of personal data that can be used in more targeted attacks or spear phishing. The fact that phishing attacks are still so common highlights their efficacy and reinforces the need to implement comprehensive phishing and response plans to protect organizations.
An effective phishing protection plan should focus on four primary areas: Prevention, Detection, Response, and Recovery. High-level recommendations for each of the four areas are outlined in this whitepaper.
Deliverability is the crucible of email marketing. Nothing good can happen when your email doesnít even get to your customerís inbox. eDataSource tracks and reports on deliverability with its Inbox metric, which nets out spam events against mailing quantity.
eDataSource sees the full range of Inbox Placement performance, based on our visibility into the email activity of 53,000 brands and their customers engagement with those emails. Email marketers whoíve achieved Inbox Placement rates of at least 95% are thought to be doing pretty well. Still, we often see Inbox Placement rates in the 80s for overall brands, and in the 20s, or even less, for certain individual campaigns.
Advanced persistent threats (APTs) are stealthier and more spiteful than ever. Sophisticated techniques are used to quietly breach organizations and deploy customized malware, which potentially remains undetected for months. Such attacks are caused by cybercriminals who target individual users with highly evasive tools. Legacy security approaches are bypassed to steal sensitive data from credit card details to intellectual property or government secrets. Traditional cybersecurity solutions, such as email spam filters, anti-virus software or firewalls are ineffective against advanced persistent threats. APTs can bypass such solutions and gain hold within a network to make organizations vulnerable to data breaches.
Credit Union Times is the nation's leading independent source for breaking news and analysis for credit union leaders. For more than 20 years, Credit Union Times has set the standard for editorial excellence and ethical, straight-forward reporting.