Don’t Underestimate Spam and Phishing Scams – Pandemic Gives ISPs the Job of SOCs

The COVID-19 epidemic has sent the world into a frenzy. With so many companies choosing to send their employees to work from home, the job of the security department has become all the more important.

The number of phishing scams has increased substantially as criminals seek to capitalize on the novel way people work and consume media from home. But companies can mitigate the danger with the right technologies.

Bitdefender has identified a significant increase in malicious activity in recent weeks, and more seems to pop up as the epidemic forces people to stay at home. While some criminals try to impersonate officials from the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO) in malware-laced emails, others have started targeting vulnerable infrastructure in users’ homes. 

In other situations, the phishing attempts aim to persuade people to donate money to worthy causes — a classic approach in these scams. The worst going around is an email that claims you can buy an efficient (but untested!) coronavirus vaccine. And the list goes on and on.


Kill it before it reaches the target


There are two ways to tackle the problem of phishing scams, and they take vastly different approaches. The cyber kill chain is a great analogy for any kind of cyberattack. It can be described as a series of events set in motion by criminals, with a clear purpose and end goal. Between the start of the attack and its payoff, criminals have to clear many hurdles.

While the type of hurdles depends on the type of attack, humans are usually the weakest link in the kill chain. Simply put, a human is the easiest obstacle for criminals to circumvent.

One way to fix this is to train employees to better recognize phishing attempts, but that’s not foolproof, and some scams will slip through the cracks. It also leaves the public at large vulnerable, since it’s impossible to train absolutely everybody.

The other solution would be to stop the phishing attempt before it reaches users, which can be done with the help of specialized tools such as URL filtering or antispam technologies, to name a few.


Securing work-from-home, a unique selling proposition


As more and more people start to work from home, they leave the protective environment of the corporate infrastructure, making them more vulnerable. Suddenly, tasks that were the responsibility of the Security Operations Center (SOC) now land in the hands of ISPs, who might not be ready for the additional task of securing their clients.

One of the first things that new work-from-home users should do is to make sure that their ISP has the technologies needed to protect them against all types of threats, whether it’s a DoS attack or a complex phishing campaign. And having these capabilities implemented turns any ISP into a market player that has the upper hand.


Technology to the rescue


The first layer of protection needs to be implemented at the Internet Service Provider (ISP) or Telecom services level, ensuring that essential traffic is scanned and malicious URLs are blocked before reaching the user. 

For example, besides the ability to provide comprehensive DoS protection to ISPs and telecommunication partners, the Bitdefender IoT Security Platform performs another vital function, that of Web Protection. All network traffic is checked against the Bitdefender Global Protective Network (GPN) – a massive distributed cloud architecture that contains the best available database of cyber threats. Bitdefender’s GPN uses reflective models and advanced machine learning algorithms to constantly improve detection & prevention.

If the network is protected by the Bitdefender IoT Security Platform, malicious URLs are blocked and users can be notified instantly. Any zero-day threat is immediately synced across the GPN so that every user is protected.

Of course, URL filtering is just one part of the puzzle, as the rest of the malware problem can be solved at the endpoint level via advanced capabilities included in the locally installed Bitdefender solution.

For example, the antispam technology features three proprietary modules that include whitelisting & blacklisting, the heuristic filter, and the Bayesian (learning) module. Along with the antiphishing, antivirus and antimalware modules with behavioral analysis and zero-day threat protection, Bitdefender’s endpoint solutions cover the entire spectrum of possible threats.


What can be done right now


ISPs have essential choices to make in the new coronavirus-driven world, and they can decide to implement the Bitdefender IoT Security Platform across the entire tech stack: directly into their network hardware, into home routers and gateways, and even on endpoints themselves.

While sensible advice is good, it’s just another layer of protection, and it’s not enough. ISPs and telecom companies have their responsibilities as well, and it has never been more vital to keep their clients safe than it is now, when so many people need it the most.



*** This is a Security Bloggers Network syndicated blog from Business Insights In Virtualization and Cloud Security authored by Silviu STAHIE. Read the original post at: