11 tips to prevent phishing

From rewarding employees for savvy security smarts, to showing them how breaches are relevant to their every-day duties, we've got the phishing prevention tips you need.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Most of us have clicked on an email that seemed legitimate, but wasn't. 

Here are our top phishing prevention tips for best technology practices, employee education and social media smarts.

3 ways to stop 95-99 percent of spear-phishing attempts

1. Inbound email sandboxing

Deploy a solution that checks the safety of an emailed link when a user clicks on it. This protects against a new phishing tactic that I've seen from cybercriminals. Bad guys send a brand new URL in an email to their targets to get through the organization's email security. The other tactic is when they inject malicious code into the website right after delivery of the email URL. This URL will get past any standard spam solution.

2. Real-time analysis and inspection of your web traffic

First, stop malicious URLs from even getting to your users' corporate inboxes at your gateway. Even if you have inbound email sandboxing for your corporate email, some users might click on a malicious link through a personal email account, like Gmail. In that case, your corporate email spear-phishing protection is unable to see the traffic. Bottom line: your web security gateway needs to be intelligent, analyze content in real time, and be 98 percent effective at stopping malware.

3. Employee behavior

The human element is incredibly important. Adopting an employee testing program  and do this training on-going basis. The result isn't really employee education or security awareness —it's behavior modification.

5 tips for changing employee behavior

To continue reading this article register now