Case Studies – Security
Protecting Against Phishing & Social Hacking
Since the increase in remote workers, organizations across the board have seen a 667% increase in phishing attacks in just under a month.
Organizations now more than ever need to add additional security measures to ensure their data is protected.
There was a 95% deduction of attacks making their way to end- users
A 1000 person legal firm saw a magnitude increase in phishing and advance social engineering as hackers were preying on people and the circumstances. When in the office, users typically verified requests for confidential information, passwords, and financial information in person. With most users now remote, some of the double checks or security controls previously in place were no longer enough. In some cases, these threats circumvented corporate controls and included text messages and emails to personal accounts. After several potential hacks made their way to end users and some high-profile hacks were successful at other legal firms, there was an increasing concern and need to further protect users and mitigate risks.
In order to protect users, a dual strategy was employed. First, users had an online education series delivered to them, reminding them about acceptable use policies, social hacking, appropriate email behavior, and email attachments. Users that scored poorly on the quizzes received reinforced messaging with additional pointed training. In addition, potential high-risk employees were identified for IT follow up.
Next, additional email and content security technologies were implemented to heighten the level of protection and prevent impersonation attacks. Aqueduct was able to prevent potential data loss and layered content security using DNS reputation and blocked malformed URL. Emails originating outside of the organization were clearly displayed to ensure cursory glances of emails on mobile devices were quickly flagged for end users. The customer is currently implementing a multi-factor single sign on solution to eliminate password theft risks.
With a greater security posture and integrated solutions, the customer has seen a significant reduction in vulnerabilities and now has greater control and visibility. There was a 95% deduction of attacks making their way to end- users and in the event one did make it’s way through the overall risk of it leading to an exploit was near zero.
We will work with you to find the perfect solution to your technical challenge, all for free.