Mitch: You’ve built your defenses against virus threats. You’re deflecting spam like there’s no tomorrow. But for enterprise network admins, the love affair with phishing attacks has only just begun.

According to the Anti-Phishing Working Group, the number of phishing reports increased from 8,800 to over 15,200 between December 2004 and December 2005, while the number of phishing sites quadrupled to 7,197.

Most attacks focused on money, with financial-based institutions comprising nearly 90% of the brands being faked. Nearly 35% of all attacks originate in the US.

And though phishers once focused mostly on at-home end-users, today they’re moving on up… to enterprises. The idea is simple. Outfox one staff member, or penetrate one computer, and you get the keys to the company.

A compromised web server can harbour a phishing scam, unbeknownst to you. Staff workstations can conceal keystroke loggers and open back doors attackers can use to thwart firewalls and other defenses.

Even when you think you’re doing it right, you can get fooled. Some spyware removal tools employees might use will actually install a bot or trojan. Trojans often change the hosts file so that entries redirect to phished sites instead.

So what’s the solution? Use network content filters to strip potentially dangerous scripts, attachments and HTML (like embedded links) from incoming messages. Also, keep your antirootkit, antispyware and antivirus software up to date on every computer attached to the network.

And don’t neglect the laptops. They’re a preferred attack vector.
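As an added example (not part of Mitch's segment), here is a small Python check a defender could run over a workstation's hosts file to spot the kind of tampering described above: a brand domain pointed at a non-loopback address. The sample hosts content and the brand watch list are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file. The first two entries are normal; the
# 203.0.113.x entries are the shape a hosts-file-modifying trojan leaves behind.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
# blocklist-style entry: a watched domain sent to loopback is benign
127.0.0.1       ads.examplecard.test
203.0.113.45    www.examplebank.test   examplebank.test
203.0.113.45    login.examplecard.test
"""

# Hypothetical watch list of brand domains that a managed workstation
# should never resolve via a local hosts entry.
WATCHED_DOMAINS = {"examplebank.test", "examplecard.test"}


def parse_hosts(text):
    """Yield (ip, hostname) pairs from hosts-file text, skipping comments and blanks."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        ip, names = parts[0], parts[1:]
        for name in names:
            yield ip, name.lower()


def is_loopback(ip):
    """True for 127.0.0.0/8 and ::1; malformed addresses count as not loopback."""
    try:
        return ipaddress.ip_address(ip).is_loopback
    except ValueError:
        return False


def find_suspicious_entries(text, watched=WATCHED_DOMAINS):
    """Return (ip, hostname) entries where a watched brand domain (or any
    subdomain of it) is mapped to a non-loopback address. Loopback mappings
    are left alone because hosts-based blocklists legitimately use them."""
    hits = []
    for ip, name in parse_hosts(text):
        matched = any(name == d or name.endswith("." + d) for d in watched)
        if matched and not is_loopback(ip):
            hits.append((ip, name))
    return hits
```

On a real host you would feed it the contents of /etc/hosts or %SystemRoot%\System32\drivers\etc\hosts and alert on any non-empty result.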
