The battle against phishing
By Cameron Abbott, Michelle Aggromito and Jacqueline Patishman
All over the world, organisations and individuals battle phishing. Even in systems with a high degree of security, phishing is still a risk, and human failure to spot and deal with phishing can undo the best of security policies and procedures.
The UK’s National Cyber Security Centre (NCSC) has recently achieved some success in fighting phishing at the source through its use of email verification technology. This technology, called ‘Synthetic DMARC’, works by assigning a DMARC record to all domains attempting to pass themselves off as gov.uk domains, analysing and vetting non-existent subdomains against DNS records and building on authentication systems of the past.
In a practical sense, this means that the NCSC can identify hoaxes of UK government websites across all domains, even when the sites were previously unknown to the NCSC. Email providers can then block these addresses from their users’ inboxes faster, which can significantly reduce the number of successful phishing attacks that use government addresses. This is extremely helpful at tax time, when phishers routinely impersonate HMRC.
The NCSC recently released its second annual Cyber Defence Report highlighting this achievement. As a result of the technology, the report states that the NCSC has been able to stop 140,000 separate phishing attacks in the last year, and has taken down a record 18,067 phishing sites. This is a noticeable improvement when compared to the takedown rate of 14,124 in 2018.
While the technology has shown some success, it is not without its faults. The NCSC report admits that there are challenges in widespread implementation, as email providers do not process Synthetic DMARC records in the same way, which produces inconsistent results.
Although this is a victory, even with technological developments and protections there are still approximately 1.5 million new phishing sites created each month, and many successful attacks. Nonetheless, it is important that cybersecurity teams worldwide work hard to develop and use new tools and technologies such as this to protect organisations and individuals in the battle against phishing.