Phishing Overview

The Phishing Problem

Phishing is an attempt to criminally and fraudulently acquire sensitive information (such as usernames, passwords and credit card details) by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by email, and often directs users to enter details at a spurious website. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures. However, despite advanced filtering, better law enforcement, greater efforts at user education, and other measures, phishing reports have not declined.

The individuals behind phishing emails are typically online criminals. They send out millions of these messages in the hope that a few recipients will act on them and provide their personal and financial information. Anyone with an email address is at risk of being phished. Any email address that has been made public on the Internet (posting in forums, newsgroups or on a website) is more susceptible to phishing as the email address can be saved by spiders that search the Internet and grab as many addresses as they can. This is why phishing is profitable; Internet fraudsters can cheaply and easily access millions of valid email addresses to send these scams to.

Mitigating the threats posed by phishing requires a layered approach to Internet and communications security. Employing a combination of solutions-based, policy-based and behavioral-based controls can drastically reduce organizational vulnerabilities. As security is a never-ending race against threats, it is important to analyze existing security infrastructure on a regular basis. When choosing a technology to assist in the prevention and mitigation of phishing and other attacks, few things are as important as how often the technology updates itself. Threats are dynamic and evolutionary. The minute one is dealt with, another is on the rise.

The IronPort Solution

As a member of the Anti-Phishing Working Group (APWG), IronPort Systems is dedicated to addressing the threat of phishing. IronPort gateway security appliances provide the first line of defense in a comprehensive security approach to combat phishing. Anti-phishing features on these appliances detect current phishing attacks, enabling organizations to protect their employees. Phishing techniques, which are continuously evolving, often thwart traditional, reactive security defenses. IronPort technology automatically adapts to new threats, as they appear - proactively identifying them and ensuring that companies no longer have to be constantly watching for and recovering from these expensive attacks.

Utilizing data from IronPort's SenderBase Network, IronPort technology examines the complete context of a message, including: "What" content the message contains, "How" the message is constructed, "Who" is sending the message, and "Where" the call to action of the message takes you. By combining these elements, IronPort's anti-phishing features go far beyond competitive solutions to stop the broadest range of threats with industry-leading accuracy.

IronPort appliances provide a multi-layered approach to address phishing and other Internet threats. IronPort appliances have multiple built-in anti-phishing features, including:

IronPort technology is a truly effective solution, providing both proactive and reactive protection against phishing. Measures such as DKIM signing of email clearly identify mail sent from your organization, while automatic updates to signature files and preventive security defenses consistently provide the latest protection and information on emerging threats. IronPort products can support and protect your infrastructure - not only from today's threats, but from those certain to evolve in the future.