TRANSCRIPT
© 2015 MarkMonitor Inc. All rights reserved.
Phishing Attacks in the Cloud –
Effective Strategies to Protect
Your Brand
Akino Chikada
Brand Protection, Product Marketing, MarkMonitor
Agenda
Online Fraud Lifecycle and Trends
Fraudsters Target SaaS/Cloud-Based Companies
How Fraudsters Monetize
Business Impact
Considerations & Best Practices
Q&A Session
By 2015, 3.2 billion people will be using the internet
Global Internet Adoption
Source: http://www.internetlivestats.com/internet-users/
The Online Fraud Lifecycle
Fraudster lifecycle: Setup Phishing Attack → Launch Phishing Campaign → Collect Credential & Monetize
Traditionally, the financial industry has been the
primary target for phish attacks
In H1 2015, 41% of phishing attacks targeted the
financial industry
…Today, Fraudsters Are Evolving Their Targets
[Chart: number of phishing attacks on non-financial institution companies, grand total with linear trend line (0 to 45,000 scale). Source: MarkMonitor]
Cloud & SaaS Defined
6 | Confidential
The Cloud: a way of delivering data to any digital device,
anywhere and at any time
SaaS:
• The most prevalent type of cloud computing
• Software owned and managed by a provider, which delivers it to
users remotely at any time
• Often sold on a “pay-as-you-go” or subscription basis
Why SaaS Companies?
Funding for SaaS companies was $11.7 billion in 2014, up
70% over the past year; and funding tripled since 2011
A third of businesses worldwide are moving applications
from locally hosted servers to SaaS environments*
Global SaaS software revenues are forecasted to reach
$106B in 2016, increasing 21% over projected 2015
spending levels**
SaaS introduces new concerns: financial & data theft
opportunities
* Gartner
** Forrester
The SaaS model changes the fraudster's target: instead of
attacking the infrastructure itself, fraudsters target the users
who hold access rights to the data
Individual users of SaaS apps also typically do not have
appropriate security controls in place to fully minimize risk
According to a recent study*, the most effective phishing
campaigns capture data from 45% of their visitors
• The least successful scams only collected information from 3% of
their visitors, but that still adds up!
*Engadget: “Google says the best phishing scams have a 45-percent success rate”
“Handcrafted Fraud and Extortion: Manual Account Hijacking in the Wild”, Google
Phishing Attacks Targeting SaaS Companies
SaaS Companies: The New Target
[Chart: Company A phish trend, monthly phishing attack counts from Mar-14 to Feb-15 (0 to 3,500 scale)]
[Chart: Company B phish trend, phishing attack counts from Jan-11 to Jan-15 in quarterly steps (0 to 8,000 scale)]
Once a SaaS company reaches significant market presence,
there is a risk that it becomes a target for phish attacks.
How Do Consumers Get Directed to
Phishing Sites?
Channels: Websites, Paid Search, Social Media, Email, Mobile Apps
Fraudsters typically leverage a multi-pronged approach,
and sometimes use social engineering tactics
Tactics Leveraged to Steal Credentials
Social engineering scams
Email campaigns
Impersonating sites
Social Media – support pages
Paid Search ads
Malicious mobile apps
[Chart: Mobile Phishing by Industry. Source: Trend Micro]
Different Types of Attacks
Targeted Attack:
Specifically going after a company's credentials
Generic Attack:
Using a brand to harvest email credentials
Malware Attack:
Using a brand to trick targets into downloading malware (email
campaign attachments, mobile app downloads)
Impact of Phish Attacks Targeting SaaS /
Cloud-Based Companies
[Pie chart: SaaS Company: Phish Breakdown, segments Specific Phish, Malware and Generic Phish; values shown 18%, 23% and 64%. Source: MarkMonitor]
Targeted phish attacks are
higher risk than generic attacks
and have a direct impact on your
business revenue
All attacks will still impact
brand reputation
Take action and shut down all
fraudulent activities
How Fraudsters Monetize
With SaaS, once a fraudster has accessed the account,
they get access to the data
Fraudsters know how to monetize different types of
credentials and data:
• Deepening data on a user for various types of fraud
• Broadening credential coverage to launch
more campaigns
• Reselling cloud credentials
• Reselling resources
• Hijacking resources
Fraud Damages Businesses
The Impact to Business
Impacts your top and bottom lines
Damages Online Channel:
• Customer distrust
• Abandoned Internet channel
• Diminished revenues and higher costs
Increases Costs:
• Incident fire-fighting
• Fraud remediation
• Customer service and support
Weakens Customer Relationships:
• Poor customer experience
• Eroded brand loyalty
• Customer defection to competitors
Online Fraud Lifecycle
Fraudster: Setup Phishing Attack → Launch Phishing Campaign → Collect Credential & Monetize
Protection: Prevention → Detect & Validate → Mitigate → Shutdown
Considerations &
Best Practices
Assess Security Risks Before Moving to Cloud
Considerations
Before starting a cloud project, assess the risks you and your customers might be exposed to:
• Does your cloud product store what might be sensitive business
information?
• May your cloud product store lists of user credentials?
• Can your cloud product be resold?
Assess the potential damage of a phishing attack on your customers
Find out if your brand or product is getting phished
Check for products offering a “phishing monitoring” and/or “insurance” service
What You Should Do
1 BE PROACTIVE
Monitor and proactively protect your business and your customers from
fraudulent attacks
2 LEVERAGE TECHNOLOGIES
Ensure you have a purpose-built technology to help you prevent, detect,
and mitigate fraudulent activities
3 DON’T JUST FOCUS ON THE EMAIL CHANNEL
Fraudulent attacks are taking place across multiple digital channels in
different forms: Social Media, Email, Websites, Paid Search, Mobile Apps
Educate Your Customers / Protect Your Customers from Online Scammers
Make your customers your allies in fighting fraudulent activities
Set up an inbox so that customers can easily forward any
fraudulent scams
Two-factor authentication is often recommended
Provide best practices and proactively share the latest scams /
tactics fraudsters are leveraging so that your customers know
what they should look out for
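A worked example for the phishing-report inbox described above and for the "Detect & Validate" stage of the fraud lifecycle: a small Python triage script that pulls URLs out of a customer-forwarded report and flags hosts that impersonate the brand (brand name as a subdomain of someone else's domain, homoglyph or typosquat of the brand, brand embedded in a lookalike registrable domain, brand only in the path). This is added example code, not MarkMonitor's product and not from the original slides. The brand name `examplesaas`, its owned domains, the forwarded message and the URL list are all constructed for illustration, and the registrable-domain rule (last two host labels) is a simplifying assumption that a real deployment would replace with the Public Suffix List.

```python
"""Triage URLs forwarded to a phishing-report inbox for brand impersonation.

Added example, not from the original slides. Brand, domains and sample
message are constructed; real deployments should use the Public Suffix
List instead of the 'last two labels' registrable-domain shortcut below.
"""
import re
from urllib.parse import urlsplit

BRAND = "examplesaas"                                   # hypothetical brand
LEGIT_DOMAINS = {"examplesaas.com", "examplesaas.net"}  # hypothetical owned domains

# Common digit/letter substitutions seen in typosquat and homoglyph domains.
HOMOGLYPHS = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s", "|": "l"})
MULTI_GLYPHS = (("rn", "m"), ("vv", "w"))

URL_RE = re.compile(r"https?://[^\s<>'\"\)\]]+")


def normalize_label(label):
    """Fold visually similar characters so 'examp1esaas' compares equal to the brand."""
    out = label.lower().translate(HOMOGLYPHS)
    for src, dst in MULTI_GLYPHS:
        out = out.replace(src, dst)
    return out


def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_url(url):
    """Return (verdict, reason) for one URL: legitimate / suspicious / review / unrelated."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return ("invalid", "no host in URL")
    if host in LEGIT_DOMAINS or any(host.endswith("." + d) for d in LEGIT_DOMAINS):
        return ("legitimate", "host is a brand-owned domain")
    labels = host.split(".")
    if len(labels) < 2:
        return ("review", f"bare hostname {host}")
    # Assumption: registrable domain = last two labels (no Public Suffix List here).
    registrable = ".".join(labels[-2:])
    sld = normalize_label(labels[-2])
    if labels[-2] == BRAND:
        return ("suspicious", f"brand name under a TLD you do not own: {registrable}")
    if sld == BRAND or edit_distance(sld, BRAND) <= 2:
        return ("suspicious", f"typosquat/homoglyph of brand: {registrable}")
    if BRAND in sld:
        return ("suspicious", f"brand embedded in registrable domain: {registrable}")
    if any(BRAND in normalize_label(lbl) for lbl in labels[:-2]):
        return ("suspicious", f"brand used as a subdomain of {registrable}")
    if BRAND in parts.path.lower():
        return ("review", f"brand name appears only in the path on {registrable}")
    return ("unrelated", f"no brand reference in {registrable}")


def extract_urls(text):
    """Pull distinct http(s) URLs out of a forwarded message, stripping trailing punctuation."""
    urls = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,;")
        if url not in urls:
            urls.append(url)
    return urls


def triage_report(text):
    """Classify every URL in one forwarded report; returns [(url, verdict, reason), ...]."""
    return [(u,) + classify_url(u) for u in extract_urls(text)]


# Constructed sample of a customer-forwarded phish (not a real message).
FORWARDED_REPORT = """\
From: customer@mail.example
Subject: Fwd: Your ExampleSaaS account will be suspended

---------- Forwarded message ----------
Your account has been flagged. Verify within 24 hours:
http://examplesaas.com.secure-login.ru/verify
Or sign in at https://examp1esaas.com/signin.
Help: https://help.examplesaas.com/contact
"""

if __name__ == "__main__":
    for url, verdict, reason in triage_report(FORWARDED_REPORT):
        print(f"{verdict:<11} {url}  ({reason})")
```

Run as a script, it prints one verdict per URL from the constructed report: the brand-as-subdomain host and the homoglyph domain come back as suspicious, while the help subdomain of the owned domain is legitimate. The verdicts are deliberately coarse; the point is the ordering of checks (owned domains first, then the registrable domain, then subdomains, then the path) so that a lookalike under a legitimate-looking subdomain is never whitelisted by a substring match on the brand name.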
Key Takeaways
Cloud computing is changing the way businesses operate and
will continue to evolve
Fraudsters are continuously evolving their tactics, so have
preventative measures in place to minimize risks
Be prepared for the worst so that at any stage of the fraud lifecycle
you have a strategy to mitigate and shut down a fraudster
Questions?
Thank You!
For information on MarkMonitor solutions, services and
complimentary educational events
• Contact us via email:
• Visit our website at:
www.markmonitor.com
• Contact us via phone:
US: 1 (800) 745 9229
Europe: +44 (0) 203 206 2220