
DoH and Phishing Risks. What You Need to Know Now

As we continue to move our lives into the digital world, our digital footprint keeps growing. Because our data is collected and sold without our knowledge and consent, employees and consumers have become more aware of the potential privacy risks to that footprint.

DNS over HTTPS (DoH) is the proposed standard published by the IETF to protect user privacy (RFC 8484). DoH is enabled by default in Firefox and is available to Chrome and Android users. Whether or not you agree that DoH delivers on its promises, it has created challenges for security teams trying to protect their users from phishing webpages and their organizations from the risks of successful attacks.

Pre DoH – A brief course in HTTP and HTTPS
When a webpage is requested, the request needs to move from the browser to the destination server. It will go through multiple servers before it gets there, and the same is true for the response coming back from the destination server to a computer. The problem with this is anyone along the path can see the information, and there is no telling who will have access and what they will do with this information.

To fix this issue, HTTPS, a secure version of HTTP, was created. With HTTPS, only the user and the destination server can read the content. However, some data moving between a browser and the destination server is still unencrypted, such as the webpage being requested (e.g., https://acme.com). DoH solves this problem, so only the user and a trusted recursive resolver know which webpage the user is accessing.

Why is this a problem? Many organizations use web URL filtering policy rules, via secure web gateways (SWGs) and firewalls, to protect their employees from accessing phishing webpages. For these solutions to work, they must be able to see the webpage the user requested. The requested URL is checked against a list of known bad sites, and the user’s request is blocked if the webpage is listed. With DoH, the SWG and firewall no longer have the visibility required to protect employees.
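
The visibility gap described above, shown as an added example that is not part of the original post: the same DNS question is checked once as a classic plaintext query and once wrapped in the RFC 8484 GET form. The blocklist entry, the resolver URL and all function names are constructed for illustration.

```python
import base64
import struct

BLOCKLIST = {"phish.example"}  # constructed entry; .example is a reserved TLD
RESOLVER = "https://doh.resolver.example/dns-query"  # hypothetical DoH resolver

def build_query(name, qtype=1):
    """DNS wire-format query (RFC 1035) with ID 0, as RFC 8484 recommends."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!2H", qtype, 1)  # class IN

def parse_qname(msg):
    """Read the queried name from the question section, as a DNS filter does."""
    labels, pos = [], 12  # the question follows the 12-byte header
    while msg[pos] != 0:
        length = msg[pos]
        if length & 0xC0:
            raise ValueError("unexpected compression pointer in question")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels).lower()

def doh_get_url(msg, resolver=RESOLVER):
    """RFC 8484 GET form: base64url of the message, padding removed."""
    return resolver + "?dns=" + base64.urlsafe_b64encode(msg).rstrip(b"=").decode()

def decode_doh_url(url):
    """What the resolver (or a TLS-terminating proxy) recovers from the URL."""
    b64 = url.split("?dns=", 1)[1]
    return base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))

def filter_plain_dns(udp_payload):
    """On-path check for classic DNS: the payload is readable in transit."""
    return "block" if parse_qname(udp_payload) in BLOCKLIST else "allow"

def filter_tls_flow(server_name):
    """On-path check for HTTPS without TLS inspection: only the server's name
    is visible, the path and ?dns= value travel inside the encrypted stream."""
    return "block" if server_name in BLOCKLIST else "allow"

if __name__ == "__main__":
    query = build_query("phish.example")
    print("plain DNS  :", filter_plain_dns(query))                   # block
    url = doh_get_url(query)
    print("DoH on path:", filter_tls_flow("doh.resolver.example"))   # allow
    print("at resolver:", parse_qname(decode_doh_url(url)))          # phish.example
```

The name-based check still works wherever the query is decrypted, which is why filtering for DoH clients has to happen at the endpoint, at the resolver, or at a proxy that terminates TLS.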

SlashNext Fully Supports DoH
SlashNext solutions fully support the DoH standard by providing security against the latest phishing threats, on and off the network, without compromising the user privacy DoH promises to deliver. SlashNext Mobile and Browser Phishing Protection provide 2.0 AI phishing defense with real-time phishing protection in lightweight, cloud-powered apps and browser extensions that protect users without compromise, cause no degradation in user experience, and do not transmit personal data.

Protect yourself and your team with a free, easy-to-deploy 14-day trial today.


*** This is a Security Bloggers Network syndicated blog from SlashNext authored by Jimmy Lin | SlashNext Threat Lab. Read the original post at: https://www.slashnext.com/blog/doh-and-phishing-risks-what-you-need-to-know-now/