Today I received a phone call from one of our clients who had read my previous blog: “How to Benefit from Monitoring Good Web Activity”. This blog is focused on how you can benefit from monitoring internet activity that is not generally perceived as bad, or unproductive. The client, a network administrator at a large government department, wanted to share his experience from such a monitoring situation.
Recently the department was exposed to a very well designed phishing attack. An email claiming to be from a well known financial organization had been sent out to majority of employees within the department. The email prompted the receivers to login to their accounts and cancel a transaction they had not authorized, taking them to a forged site, identical to the financial organization’s authentic site.
The attack was quickly under control and IT updated firewall rules to prevent any employees from accessing the particular site again. However, instead of immediately blocking further emails from the malicious sender, the IT department saw this as an opportunity to educate the workforce about phishing attacks. They used WebSpy Vantage to report on their firewall and identified all employees who tried to access blocked phishing sites. As employees were identified, IT started organizing informal meetings to inform them about phishing, how to recognize attacks and the most common phishing techniques used.
Because IT was able to pinpoint exactly which employees needed more information about phishing attacks, these smaller meetings showed to be very effective. The employees attending the meetings naturally realized their phishing knowledge was insufficient and were eager to find out more as they didn’t want to make the same mistake again, at work or at home. The government department is still the target of phishing attacks but their employees are now educated enough to identify them before any harm is done.
If you want to share your monitoring and reporting experiences either comment below or email me directly at firstname.lastname@example.org.
- Santa Claus is Coming to Town – Ho, Ho, How will it Affect your Workplace?
- Another Reason Organizations Should Avoid Excessive Internet Blocking
- Security Threats Increase with Growth in Social Networking – Blocking still not the Answer
- Internet Monitoring Best Practices – 10 Valuable Tips
- Detecting a distributed reflected DNS attack