Culture of Security

How Google and Microsoft Can Stop Phishing Scams

Trevor highlighted in his recent post Bad Guys Want Your Payroll how attackers are using malicious software to access business banking accounts. To get the malicious software (malware) onto business systems, attackers are frequently using phishing scams that encourage users to download the software through deceit and misrepresentation. Brian Krebs and his online community have also been discussing the issue to great depth over recent weeks, including in his recent post
Warning About ZeuS Attack Used as Lure.

These attacks are largely successful due to the poor design of modern email systems. As a commodity that has been around for far longer than the browser, email systems have had a remarkably poor rate of evolution by comparison. However, Google and Microsoft have the ability to protect us from phishing scams. But, will they?

Create a Culture of Security

Employee understanding and buy-in is critical to your business’s success in marketing, production, development and design. It should be no less important to them in cyber security. They are most likely the first to recognize and first to institute some kind of defense against an attack. The best plans, policies, procedures, technology, and training can all be circumvented due to a careless mistake made by one or a number of employees.