Professional Documents
Culture Documents
Anti Phishing
Anti Phishing
Best Practices:
Keys to Aggressively and
Effectively Protecting
Your Organization from
Phishing Attacks
Prepared by
James Brooks, Senior Product Manager
Cyveillance, Inc.
Overview
Phishing is defined by the Financial Services
Technology Consortium (FSTC) as a broadly
launched social engineering attack in which an
electronic identity is misrepresented in an
attempt to trick individuals into revealing
personal credentials that can be used
fraudulently against them. In short, its online
fraud to the highest degree.
For criminals, phishing has become one of the
most common and most effective online scams.
The schemes are varied, typically involving
some combination of spoofed junk (spam)
email, malicious software (malware), and fake
Web pages to harvest personal information
from unwitting consumers.
Customers of well known and lesser-known
companies alike have fallen victim to this
pervasive form of online fraud. Western Union,
AOL, SunTrust, eBay, Amazon, PayPal,
EarthLink, and Citibank are just a few examples
of the many companies who have found
themselves and their customers persistent
victims of phishing attacks.
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Response:
Communication is Key
Your organizations response to a phishing
attack will ultimately determine the extent of
the damage caused by the attack. Obviously,
the faster a site is brought down the less
damage it can cause. How your organization
handles the phishing attack will directly impact
the effectiveness of the phishing site takedown
procedures. Steps to an effective response plan
are outlined below:
After a phishing site is detected and
confirmed, immediately initiate site
takedown procedures using your
internal staff or outsourced service
provider.
1. Assess the size and scope of the
phishing attack.
Recovery:
Have the Process in Place
Recovery from a phishing attack can be
just as important as responding to the attack
itself. In this phase of your organizations
phishing protection and response you need
to focus on minimizing the impact of the
phishing attack. The steps to an effective
recovery plan are listed below:
Conclusion
Phishing is a problem that will be around for
the foreseeable future. Phishing schemes
continue to proliferate because they continue to
work, becoming more sophisticated and better
able to hide from detection.
About Cyveillance
Cyveillance provides online risk monitoring and
management solutions to Global 2000
organizations. The company comprehensively
monitors the Internet using patented
technology to deliver early warning of risks to
information, infrastructure and individuals.
Armed with this actionable intelligence and
Cyveillances immediate corrective response
capabilities, chief security officers can
proactively protect their companys reputation,
revenues and customer trust. Cyveillance
counts over half of the Fortune 50 and three
quarters of the top Fortune 500 companies in
the financial services, pharmaceutical, energy,
and technology industries as clients.
For more information, call 1.888.243.0097 or
info@cyveillance.com.
04/06
Copyright 2006 Cyveillance, Inc. All rights reserved. Cyveillance is a registered trademark of Cyveillance, Inc.
All other names are trademarks or registered trademarks of their respective owners.