Phishers Are Improving Their Chances of Success with Targeted Attacks
by Paul A. Henry - Vice President of Secure Computing - Monday, 10 April 2006.
  1. Review and if necessary revise your security policies and procedures and be sure they address the many issues of ID Theft for both the organization, your clients and your employees
  2. Take a multi level security approach to ID theft
    1. Evaluate internal controls and procedures;
    2. Don't limit authentication to the user - authenticate both the user and the individual transaction separately and independently;
    3. Use two factor authentication - but not simply as a replacement for single factor authentication;
    4. If you are not using fraud detection methodologies they should absolutely be considered in light of the explosive growth of ID Theft.
  3. Communicate with your customers and employees
    1. Let them know you would never include a clickable URL within and email;
    2. Let them know in any email you would address them by their first and last name;
    3. Let them know you would not send them an email attachment that they would not have been already expecting;
    4. Always remember that your biggest bang for your buck typically comes from user awareness training for both your employees and your customers.
  4. Continuously monitor current threats and make the necessary adjustments in a timely manner – time is not on your side when confronting today’s menaces, either internal or external, on your enterprise network.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th