While we often think about malicious users when we speak of insider threats, the "real" problem lies with users that may unintentionally be putting their organizations at risk. This includes users that get phished, bypass controls for convenience or efficiency, and connect their own devices to the corporate networks.
Recent study by Imperva gets under the skin of what can now be characterized as an increasingly complex and rapidly maturing phishing industry. The study examined more than 1,000 free phishing kits that allow for the development of phishing web sites in what has been called an ‘easy to deploy’ format.
If a massive data breach has been in the news recently – such as the Equifax data breach that impacted more than 143 million Americans – there’s a good chance that other hackers will capitalize on this public data breach to cause greater harm to victims, and open up those already victimized to even more risk.
Imperva reversed the phishing hook to hack the hackers, proving that these 'professionals' are just as susceptible – and in the process reveals some very important anti-hacker lessons.