Should Our Employees Be Using a DNS Filter?

Should Our Employees Be Using a DNS Filter?

Whenever you hear about ransomware being on the rise or firmware attacks skyrocketing, there is typically a common attack vector that cybercriminals are taking. 

Phishing emails are responsible for 70% of all cyberattacks. Getting a user to open a dangerous file attachment or click a malicious link remains the path of least resistance for most hackers.

Rather than having to be clever enough to code their way around a strong firewall, a hacker simply has to create a good enough fake email to fool a user. And unfortunately, employees are still one of the weak links in many cybersecurity environments.

These days, phishing emails are more difficult to tell from the real thing. They are also often connected to phishing sites that have similar URLs to a legitimate company, usually just being one or two characters off.

If you want to defend against a majority of online threats, then you need to have phishing protections in place, and one of the most important is a DNS filter.

What is a DNS Filter?

A DNS filter, also referred to as a web filter, is a program that looks at the URL’s a person’s browser is being directed to before allowing the page to load. It matches the website address against a database of known malicious sites. If a URL is found to be on that list, the DNS filter will block the site from loading and redirect the user to a warning page.

DNS stands for Domain Name System. You can think of it as the contact list for the internet. It matches a URL ( with the IP address of a specific website. 

Each website domain is attached to a string of numbers, known as the IP address. Trying to remember a bunch of numbers to type in whenever you wanted to visit a website would make for a much less helpful internet. So, the Domain Name System was designed to match those numbers to a common website domain name, such as 

The DNS filter inserts itself in this process to protect the user from ending up on a malicious phishing site, even if they’ve already clicked a link in a phishing email. 

Reasons to Use DNS Filtering for Your Team

URLs Are Used Much More Often Than File Attachments in Phishing

Most people have become programmed to avoid strange file attachments. Many companies also use an antivirus that will check for any malware when an email attachment is opened. 

This has led hackers to move to another tactic, which is to not send malware in a phishing email and instead send an innocent-looking link to a malicious site.

85% of phishing emails contain a link rather than a file attachment. Where do those links go? 

  • Spoofed sign-in forms designed to steal login credentials
  • Sites that inject malware as soon as the page loads

If you’re only using protections for file attachments, then you’re missing protection for a majority of phishing emails.

DNS Filtering is Effective

Having your employees use a DNS filter on their devices is highly effective at blocking malicious phishing websites. Using a DNS filter can block as much as 88% of malware from getting into a network via phishing sites.

With that level of effectiveness, you can protect your company against a majority of the phishing threats coming into staff inboxes.

It’s Unobtrusive

Some security measures draw employee complaints because they interfere with workflow and slow users down. For example, companies often get push-back when implementing MFA because users say it causes it to take them longer to log into their work apps.

However, DNS filtering doesn’t interfere with a person’s workflow or slow their browser down. It’s simply there, standing guard, and springs into action to warn the user should they accidentally try to visit a malicious website.

Inexpensive to Implement

Some cybersecurity protections can be expensive to implement, which is why companies may leave themselves less than fully protected. DNS filtering is not one of them. 

It’s one of the most inexpensive IT security safeguards to implement across all employee devices. It provides a significant safeguard for very little investment and is easy to implement. 

Smaller Organizations See a Higher Rate of Malicious Emails

Small and mid-sized businesses need to have DNS filtering in place to combat phishing emails. SMBs see a much higher rate of malicious emails than do larger organizations.

Rate of malicious phishing emails:

  • Companies with 1-250 employees: 1 in 323 emails
  • Companies with 1001-1500 employees: 1 in 823 emails

Data breaches, ransomware, and other attacks continue to increase each year. At the same time, phishing tactics get more sophisticated. One of the latest is attackers using OneDrive and SharePoint links, which many users trust, to lure users into clicking over to a malicious site.

It’s vital that you have strong phishing protections in place, and DNS filtering is one of the best.

Improve Your IT Security With Affordable Solutions

Haxxess can help your Northern Ontario business put affordable IT security protections in place that safeguard your team from the onslaught of phishing attacks. 

Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.

stay in touch

Subscribe to our newsletter and we'll keep you informed about latest IT news.