Drudge Report, Relevant Phishing, Profit
The real infosec problem coming from coronavirus is it’s teaching hackers that phishing relevant to current events is effective. This dangerous precedent is important because said phishing is unlikely to stop at the end of the crisis. The number will go down of course, but the evolution will remain.
The beauty of phishing is that it’s so simple. The barrier to entry for phishing is quite low. It would not be difficult from now on, for phishers to wake up each day, check the news, edit a template to fit and send a hyper relevant campaign. When most people think of phishing, they think of the Nigerian cousin scam. But what if there’s a big market rally & a long lost New York broker cousin reaches out? Same principle, different specifics, much more effective. This is the threat that can face users moving forward. Daily events turned into phishing campaigns and delivered the next day.
Social engineering like phishing isn’t going to be solved by machines. The inherent nature of the problem is that it revolves around semantics and nuance. Humans struggle to detect such deception, let alone teaching a machine to understand it.
So instead, the solution is to have machines do what they are good at, and have humans do what we are good at. Machines are excellent at finding something definite and finding patterns by matching a line to points on a plot. So that’s what Enveloperty has machines doing. The add-on detects things like security check statuses. Whether or not the sender is on a binary level, the same as the sender you trust. Displaying information previously entered by a human. These are things that machines are excellent at.
The human then does what we are good at. We consume information, and quickly render a verdict. Do I, or do I not find this email suspicious? Utilizing the information displayed by the Enveloperty add-on, users come to an educated decision. Once a users suspicions are raised it’s usually over for the phisher. They get reported to IT, and with Envelopertys unique addressing their contact with the user is severed entirely.