Four Myths About Credential Phishing You Can’t Ignore
When it comes to credential phishing, knowledge is power. We tend to underestimate the impact of phishing on the enterprise and assume our existing defense strategies are sufficient to combat these attacks.
To understand phishing means understanding one of the most common methods used by attackers to breach and maneuver within our networks, and to do that we need to dispel a few myths. Read this white paper to learn about phishing tactics and the key steps to building a complete security strategy that protects against credential phishing.
Suggested resources for additional research:
- Analyst Research: IDC Planscape: Deploying Multi-Factor Authentication
- Customer Journey: Fieldpoint Private Creates a Better Customer Experience with MFA
- MFA in action: An on-demand demo
Credential phishing is the practice of stealing user ID/email address and password combinations by masquerading as a reputable or known entity or person in email, instant message, or another communication channel. Attackers then use the victim’s credentials to carry out attacks on a secondary target.
When it comes to phishing, knowledge is power. We tend to underestimate the impact of phishing on the enterprise and assume our existing defense strategies are sufficient to combat these attacks.
The attackers are in tune with the modern workplace, and as such, phishing has gone device and app agnostic, targeting both SMS communications, social media, and cloud storage sites. In today’s mobile, Bring-Your-Own-Everything workplace, the traditional demarcation between work and personal is a blur that leaves the enterprise open to the indirect risk of our employees’ personal digital behavior.Four Myths About Credential Phishing