How to Prevent Phishing Attacks with Website Monitoring
The Anti-Phishing Working Group (APWG) recently reported that in the second half of 2012 (2H2012) there were at least 123,486 unique phishing attacks worldwide, up significantly from 93,462 attacks in the first half of 2012. The attacks used 89,748 unique domain names, up from the 64,204 domains used in 1H2012, due to shared virtual server hacking.
In our last article we discussed how adding external website monitoring to the cyber security portfolio can quickly detect and diagnose DDoS cyber attacks, so institutions can proactively communicate with affected stakeholders. Another approach to securing against cyber attacks is by proactively monitoring phishing websites. In this case, Dotcom-Monitor uses URL monitoring to test for the live online presence of URLs that are known to be phishing site URLs. When a phishing site URL comes back online, or generates a change in content, the IT, or security department is immediately alerted by Dotcom-Monitor. They can then address the issue – by issuing an alert to stakeholders, by shutting down the phishing site URL etc… – before the phishing URL can do significant damage. This active website monitoring for phishing URLs is a tool that goes after cyber attacks to proactively fight against them, rather than simply reacting to cyber attacks.
An Effective Addition to a Comprehensive Cyber Security Portfolio
A survey conducted by O+K Research in May 2012 revealed that more than 50% of users are not confident they could recognize a phishing letter, or web page by themselves. While there are many consumer anti-phishing technologies available, the best practice for an institution to protect their customers is to implement a combination of protection methods. In addition to antivirus security, an anti-spam module, and anti-exploit technology, the utilization of external website monitoring completes the cyber security portfolio.
If your anti-phishing cyber security portfolio is lacking external website monitoring, Dotcom-Monitor offers a free trial.
For more on proactive security measures, see our post in response to US bank cyber attacks: Adding External Website Monitoring to the Cyber Security Portfolio.