The latest: “A cyber espionage campaign is targeting national security think tanks and academic institutions in the US in what’s believed to be an intelligence gathering operation” … the mechanism used is email: “…spear-phishing attacks using fake emails with malicious attachments attempts to deliver […] malware”.
Why email? Despite recent advances in collaboration platforms, a majority of enterprise users still depend on email for communication and sharing. And there are all kinds of opportunities for trickery in email…
The above phishing attack is designed to look like it comes from Microsoft OneDrive.
Examining the URLs and domains reveals it to be questionable – but some number of users who receive it will definitely click on it. And that’s why OneDrive, Dropbox and other cloud file storage and sharing systems are so frequently blocked by large or regulated companies.
For starters, the e-Share service is always fully re-branded including your logo, colors and subdomain. Recipients will recognize these details and know it’s ok to share and collaborate.
The link to the shared content will also use the same sub-domain.
Of course you can also use our fine-grained controls to further control the experience. Meanwhile your security team will continue to block unknown domains, including the cloud file storage services, to keep users and their data safe.
Once you adopt this approach, you can train your internal users to ignore anything that isn’t from the official domain of important partners & vendors.
In addition to deploying Trusted Sharing, we recommend the following best practices for
secure collaboration… via email or any other platform!
- Define and deploy uniform sharing policies that are designed around real world use cases
- Deploy file sharing tools that integrate directly with email, collaboration and/or other end-user applications including mobile
- Use tools that promote file access without giving the recipient a copy
- Ensure trace-ability of information via audit, watermarking and/or encryption as appropriate
- Deploy and integrate data leakage protection (DLP) services to scan email for sensitive attachments and apply additional policies
We’d love to see examples of phishing attempts you’ve seen in the wild – feel free to comment below, or register for a demo to chat with our experts…