Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Secure your productivity on any device, anywhere, any time.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Discover how Six Degrees has driven success for others.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » Phishing Trends: Adapting to Keep Cybercriminals at Bay
Looking back on the early days of phishing emails, they can seem almost impossibly quaint. We lived in a far less cyber security-aware world a decade ago, and cybercriminals were able to catch victims out with phishing emails telling tall tales of long-lost relatives and wealthy princes. Fast-forward to 2020 and people are far more sophisticated in both their understanding of the cyber threats they face and their ability to spot malicious emails. Unfortunately, cybercriminals are far more sophisticated in 2020, too.
Since the UK Government enforced a nationwide lockdown to tackle the spread of coronavirus, cybercriminals have become increasingly busy targeting remote working users with phishing attacks. Until recently, phishing trends tended to focus on directing users to fake remote login pages that enabled cybercriminals to harvest credentials. However, the ever-increasing adoption of multi-factor authentication and mail filtering as fundamental cyber security best practice has made this method increasingly less profitable. So the cybercriminals have done what they do and pivoted – to targeting third party cyber security software that doesn’t have multi-factor authentication enforced. In this blog post we’ll take a look at these latest phishing trends and how your organisation needs to adapt to keep the cybercriminals at bay.
Introducing mail filtering significantly reduces the chance of phishing emails reaching users’ mailboxes. However, no mail filtering software is perfect – phishing emails will occasionally slip through the net. At this point you are reliant on your users being diligent enough to spot the phishing email and delete it, rather than click on any links or download any attachments it contains.
Those phishing emails that do slip through the net are increasingly targeting third party services that use shared logins, such as mail filtering software. Certain mail filtering software packages maintain a separate login page through which you can also access and view your mail. These third-party services offer cybercriminals the opportunity to harvest domain credentials without being thwarted by multi-factor authentication. It’s an opportunity that’s becoming far too tempting for cybercriminals to turn down. Here’s how they launch the attacks:
These latest phishing trends are proving highly profitable for cybercriminals, and so it’s safe to assume they will continue to use these methods as long as they remain successful. So how should your organisation adapt?
If you’ve been playing along at home you can probably guess the first piece of advice: implementing multi-factor authentication for your mail filtering software. In 2020 there really is no good reason for not using multi-factor authentication to control access across your entire infrastructure.
Cybercriminals can and will exploit any vector they can to launch cyber-attacks across your organisation; multi-factor authentication makes their jobs much, much harder.
But the latest phishing trends also warrant a broader assessment of your organisation’s cyber security posture. Here are three ways you can more effectively protect your organisation from phishing and other cyber-attacks:
As we transition into the ‘new normal’ way of working together, we should all be proactive in our approach to handling the cyber threats we face. By understanding developing phishing trends and other cyber-attack methods, we can implement measures to protect our organisations from financial, operational and reputational damage.
Six Degrees delivers managed cyber security and consultancy services that will enable your organisation to enhance its cyber security posture and protect itself from cyber-attack.
The Six Degrees Cyber Clinic delivers free cyber security advice and best practice guidance to help your organisation remain secure during this period of uncertainty. If you would like to contact the Cyber Clinic with your questions or concerns, please get in touch.
We are publishing regular Cyber Intelligence Reports that provide details of known cyber threats related to coronavirus that have arisen, along with recommended remediation steps. You can download the latest report here.
The coronavirus pandemic is being exploited by cybercriminals to launch…
Welcome to the 7th edition of the Cyber Clinic Webinar…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.
