How to Protect Your Network Against the Dramatic Rise of Phishing URLs

Phishing remains the main attack method for data breaches. Scammers can fill user inboxes with sophisticated fake emails for little cost and all it takes is one unsuspecting user to download malicious code into a network and let the hacker in.

For years, one the most common methods to combat phishing attacks was to use an antivirus program that would check file attachments for malicious code. While this was effective for a while, hackers quickly began using workarounds to get their phishing emails past those network security filters.

The most popular method they’re using now is a link in an email message instead of a file attachment. The URL is able to get past malware filters because the message doesn’t contain any malware, instead it links the user to a malicious site. The site will typically do one of two things:

1. Initiate a download of dangerous code onto their computer as soon as they visit it. 
2. Spoof a login page in an attempt to steal user login credentials.

Between January and December of 2019, the use of Phishing URLs jumped by 640%.

To combat the dramatic rise in the use of malicious links in phishing emails, companies need to employ a combination of protections that include DNS filtering and security awareness training.

Approaches to Combat Malicious Links

Using a link instead of a file attachment often fools users into a false sense of security. While they may be very suspicious of an unknown sender including a file attachment in their email, users may be less suspicious of links.

Since phishing emails with URLs are much more likely to get past antivirus protections than those with file attachments, there’s a much bigger chance for a user to accidentally get fooled by one.

25% of malicious phishing emails make it past standard Office 365 security protocols, putting more burden on user education and DNS filtering to stop network breaches.

Here are the two main ways to address phishing campaigns that contain URLs instead of malware and keep your network and data secure.

DNS Filtering

DNS (Domain Name System) filtering is a type of application that blocks malicious sites and helps prevent the downloading of malicious scripts when a user clicks a link to a dangerous site.

The DNS filter is a layer between the user and the internet. When a user attempts to visit a website, the DNS filter checks the URL against a continually updated list of known malicious sites, and if a site is found on that list, the user is blocked from visiting it and redirected to an alert page.

This helps combat phishing URLs after the fact, once a user has clicked the link in a malicious email or social media or messaging application.

DNS filtering is also useful for blocking unproductive sites or illegal or questionable sites, so that no one connected to your office network can visit them. It can also help resolve bandwidth issues and keeps someone from using an excessive amount of bandwidth when visiting a specific site.

Main advantages of DNS filtering:

• Combat phishing that uses URLs by blocking dangerous sites
• Block questionable or illegal sites
• Control bandwidth use
• Improve productivity by blocking “time-wasting” sites

Employee Security Awareness Training

Training your employees on the many tactics that phishing scammers use is important for keeping them aware of the threats coming into their inboxes. Threats are changing all the time as spammers come up with different types of tricks to get users to click on dangerous links.

Some of the tips that you want to regularly train your employees on include:

• The Danger of URLs: Explain the dramatic rise in links being used more than attachments in phishing emails and why it’s dangerous to click on them.
• Hover First: It’s a best practice to hover over links before clicking them to reveal a true URL. Often, they’ll be spoofing a legitimate site, but viewing the link will reveal that it’s a scam.
• Don’t Trust Unexpected Senders: Train employees to always be suspicious of unexpected emails even if they seem to come from a legitimate source, like a vendor or shipping company.
• Cloud Storage Can Be a Trick: To fool users that look for suspicious URLs, hackers employ cloud storage services. So, a link may be to a OneDrive or Google Drive URL, but, when clicked, that file could redirect the users to a dangerous site.
• Social Phishing is on the Rise: Employees need to know that phishing doesn’t only come by email. The use of social media direct messages and text messages are both on the rise as a way to deliver a malicious URL.
• Report Suspicious Emails: If one employee gets a phishing email, there’s a good chance that others received the same one. Provide instructions for employees to report or forward suspicious emails so other users can be warned.

Does Your Company Have a Way to Combat Phishing URLs?

If you’re unsure about your protections against malicious sites, Haxxess can help ensure that your Northern Ontario company is protected from phishing emails that employ malicious URLs and give you the ability to blacklist specific websites. 

Contact us today to schedule a free security consultation! Call 705-222-8324 or reach out online.