Anti Phishing

Malware Analysis
Podcast
Security Operations
Threat Intelligence
Anti Phishing
Company Culture
Engineering
Cybersecurity
Company News
SOAR
Anti Phishing

Anti-phishing Strategies to Defend Your Organisation

If you feel like your phishing response team has been seeing more attacks than ever before, you’re not alone. The frequency of phishing and spearphishing attacks appears to be ever-increasing as people conduct more of their work and personal lives online. This post will cover the state of the art in anti-phishing techniques, with a focus on strategies that SOC teams, anti-phishing teams and fraud teams can use to defend customers against phishing attacks, and staff against spearphishing attacks.

Anti Phishing

Automating Anti Phishing Canary Credentials at Scale

In part 1 of our mini-series on canary credentials, we talked about what canary credentials are, why to use them, and how to use them well. It’s highly recommended to read part 1 first. So, let’s assume you’ve had some early success in manually using canary credentials in limited numbers - great! Now you’re looking to take your next steps. Arguably, the most powerful way to land a blow against phishing attackers and deter future attacks is using canary credentials at scale via automation. Here’s why.

Anti Phishing

How to Disrupt Phishing with Anti Phishing Canary Credentials

The traditional response to a phishing attack is to issue a take-down request and wait for the site to (possibly) be yanked offline. Take-downs, while necessary, just don’t hit phishers where it hurts - they still harvest plenty of stolen credentials while the site is up. In light of this, security teams are looking for new, more effective ways to fight back against phishers. Rather than be reactive, we want to disrupt phishers’ operations. A strategy rapidly gaining in popularity is the use of credential poisoning techniques, utilising what are referred to as ‘canary credentials’.