Spoofing And Phishing In Gotham City And Beyond

Spoofing and phishing. If you watch the Fox television show Gotham (@Gotham), those terms might sound like something Edward Nygma, a.k.a. The Riddler, might use to confound James Gordon and the Gotham City PD.

Whenever I talk to new employees about what the Abuse, Compliance and Delivery group does here at Net Atlantic, I usually get a few giggles when I bring up spoofing and phishing. Heck, they still make me chuckle sometimes! But even though they might sound funny, spoofing and phishing are no laughing matter. In fact, these practices are actually pretty nefarious!

How can you keep your data safe at an ESP?

The recent data breach at a well-known ESP has gotten a lot of press and attention. Many large customers' email lists were compromised, including those of major retailers like Walgreens, Best Buy, and Target, as well as several financial institutions including US Bank, JPMorgan Chase, Citi, and more. Unfortunately, this is not the first data breach that has happened to ESPs. The last two years have seen some well-publicized data compromises. Many breaches have occurred by methods including spear-phishing (a series of targeted attacks and social engineering against a specific company in order to gain access to its data) and other more common security vulnerabilities.

Is your data safe at an ESP? It depends on the ESP. You should ask your ESP what security measures are in place. Ask about things such as firewalls, intrusion detection mechanisms, software vulnerability patching practices, antivirus and antimalware programs (both in their data centers and in their offices), encryption of backups, and staff security training.

