Hyas Blog | Phish Happens
My mom got phished.
Yes, it’s true. We’ve talked about how to spot phishing messages, we’ve talked about what they look like, but we never talk about how easily it can happen to someone you know. Nevertheless, she did get successfully phished the other day… and realized it after the fact.
With AI-driven enhancements, criminals (and other would-be thieves) are able to write increasingly better and more sophisticated phishing messages, even easily applying specific targeting to increase the credibility and believability of their scam. Regardless of how well-trained you are, when responding to something ‘in the moment’, it’s becoming increasingly easy to get fooled. Maybe it’s when you’re looking at your messages first thing in the morning before you’ve fully woken up, or maybe you’re about to take off on that trip and trying to clear out action items before you lose connectivity. Whatever the circumstances, the fake messages are getting better, and human error does occur, even to the best of us.
That’s just one more reason why Protective DNS is vital today. It doesn’t matter how much cyber training has occurred; human error will occur. Resiliency-based approaches are specifically designed to assume that bad things might occur, and to detect and stop them before significant harm is done, and that’s exactly the role of Protective DNS in this (and other) scenarios. The phish is generally trying to get the user to take action, usually by clicking on a link and visiting a criminal-controlled website that purports to be something innocuous and well-known, but modern and advanced Protective DNS solutions know the difference. The goal of advanced infrastructure intelligence is to distinguish good from bad, safe from malicious, and prevent outbound connections that shouldn’t occur: in this case, preventing the connection to the malicious website, and saving the user from harm even though they didn’t realize the trap they were falling into.
It sounds easy enough, but implementation isn’t always straightforward. Criminals are constantly creating new malicious infrastructure, to be weaponized at some time in the future, or even taking over existing infrastructure and utilizing it for their own ill-gotten gains. Advanced solutions that specialize in infrastructure intelligence need to constantly update themselves, based on what happens in real time across the Internet, so they always have the latest intel and real-time verdicts regarding criminally controlled infrastructure. It doesn’t matter how many times a system ‘gets it right’; the bad actor only needs one success to make their mark.
Which brings us back to my mom. Sure, she might have been able to spot this attack herself, but eventually one will outsmart her and get through. The only way to protect her, an organization’s employees, and so many others, is to ensure that the system itself implements the necessary controls to keep its users safe, even from their own mistakes. It’s just one more reason why governments around the world are demanding increased resiliency be part of a modern cyber security stack, and one more reason why everyone requires the use of infrastructure intelligence and the integration of that intelligence across their security system.
Furthermore, unlike many other innovations, Protective DNS can be deployed quickly and easily, usually without significant IT involvement, and often in a matter of minutes or hours. If you utilize an MSP or MSSP for your cyber security needs, ask them if they already employ a Protective DNS solution to safeguard their customers (including your employees), and consider switching to one that does. If you are responsible for an organization itself, ensure that the deployment of Protective DNS is on your 2025 roadmap. No one wants to be the unsuspecting target who made a mistake that led to damage, both financial and reputational. Least of all, my mother.