Why Corporations Need to Worry About Phishing

Written by CipherTrust

Continued from page 1

Employees must be educated not only about phishing generally, but also about how fraudsters might use social engineering and other methods to entice employees to divulge sensitive information to hackers outsiderepparttar organization.

With little knowledge of an organization’s business methods, hackers can easily distribute hundreds or even thousands of spoofed messages to an organization’s employees. The messages may ask for network passwords and usernames, or may attempt to fool employees into providing sensitive information to competitors.

It is important to properly train employees about what information is appropriate to share through email, and specifically what steps employees should take if they are unsure aboutrepparttar 109515 authenticity of a request for information.

Information gleaned by fraudsters from corporate networks can be used in a variety of nefarious ways. Inrepparttar 109516 financial services industry, criminals can use credit cards to deduct money straight from accounts of unsuspecting victims. Many other organizations hold private healthcare information, or personal financial information that could be used by criminals to extort payoffs from corporations wishing to avoidrepparttar 109517 bad publicity of a security breach becoming public knowledge.

Though deflecting this attack does involve a significant amount of education, providing content filtering on outbound e-mail traffic can flag suspicious communications. Looking for these regular expressions, like social security numbers and account numbers, can prevent a simple deception from becoming a major liability issue.

What to Do If You Arerepparttar 109518 Victim of a Phishing Scam

If you become aware of fraudsters imitating your organization to commit phishing fraud, you should:

  • Immediately educate your customers on how they can correctly identifyrepparttar 109519 phish
  • Notifyrepparttar 109520 authorities of your situation. Phishing Fraudsters may have violated all or some ofrepparttar 109521 following Federal Laws:
    • 18 U.S.C. 1028(a)(7) – Identity Theft
    • 18 U.S.C. 1343 – Wire Fraud
    • 18 U.S.C. 1029 – Credit-card Fraud
    • 18 U.S.C. 1344 – Bank Fraud
    • 18 U.S.C. 1030 (a)(4) – Computer Fraud
    • 18 U.S.C. 1037 – CAN-SPAM Act
    • 18 U.S.C. 1028(a)(5) – Damage to computer systems and files
  • Prosecuterepparttar 109522 criminals – when Spammers use your trademarks to commit fraud, they are violating U.S. Trademark laws as well as anti-fraud laws. Your organization hasrepparttar 109523 right to defend its mark in court.

If you find that you are personallyrepparttar 109524 victim of a phishing scam, then you should identify what information was compromised and then:

3 Criteria for Controlling Enterprise Spam

Written by CipherTrust

Continued from page 1

A fundamental issue with spam is defining what exactly constitutes spam. One person may consider any bulk e-mail spam, while another highly valuesrepparttar opt-in bulk e-mails they receive. Different organizations may have policies with very different definitions of what is allowed. A good anti-spam solution must allow administrators to enforce these different rules and even allow them to apply different rules to different users, preferably by integrating with policy tools and user databases such as LDAP directories. It should be able to support differing thresholds for different spam results and adjustable confidence values in spam detection techniques. It should allow administrators to customize responses for inbound or outbound traffic. Rules should allow re-labeling, blocking and quarantining of messages, as well as a test mode where rules are tried without impacting mail flow. Ideally, your solution will include an integrated policy manager, which enforces corporate policy acrossrepparttar 109514 entire e-mail system, and allows different rule sets for different users and groups.

Criteria 3 – Expertise – Know Thy Enemy

Spammers are constantly improving their methods, particularly as corporations have finally begun to fight back. Vendors must be able to develop and deploy policies, signatures, keywords and values to corporations using their solution. They should be developed based on data from a distributed network of customers and other Internet detection points by a team of spam blocking experts. Only by constant improvement can any solution continue to be responsive to spammers even inrepparttar 109515 face of new threats.

CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, “Securing the E-mail Boundary: An overview of IronMail” or by visiting www.ciphertrust.com.

    <Back to Page 1
ImproveHomeLife.com © 2005
Terms of Use