Spearphishing 101
Phishing attacks have been a reality in corporate networks for decades. Generic broadcast emails have limited success in, for example, tricking a user into clicking a link that initiates a man-in-the-middle password reset. However, more targeted phishing attempts, such as those that appear to come from a service the user actually uses, have a much higher success rate. Enter the spearphishing attack: phishing attempts directed at specific individuals or companies.
The explosion of cloud adoption means that employees using cloud-based shared document apps, such as Google Docs or SharePoint, can be sitting ducks for such an attack. Spearphishing takes advantage of the existing trust relationship between the enterprise and service providers located in the cloud. Redirecting a Google Docs user to a compromised document in another Google Docs repository does not raise eyebrows, since it is already a trusted website. In addition, consider the fact that an encrypted connection (HTTPS) cannot easily be filtered for malicious content by a proxy.
To some extent, technology can aid the fight and help protect employees from becoming victims.
Next-generation firewalls can help employees avoid a rogue site intending to serve up a malicious form or PDF file. Deploying a Single Sign-On (SSO) solution helps insulate the user (and their account credentials) from the service provider, and when an intruder does succeed in compromising a service, SSO can minimize the exposure. However, a pure technology solution may be elusive. The best defense against any type of phishing attack continues to be employee education.