Prevent Credential Theft
Published on 03 Aug 2022
Phishing attacks are the most common way that businesses' security is broken today, and the credentials of their employees are a top target for those who want to do harm.
That's because they are the key to many of the other security measures put in place to protect your business. Most of the time, all that stands between a cybercriminal and a company's valuable intellectual property is a correct user name and password.
Spear phishing is especially effective because it often takes advantage of good behavior: the person's desire to follow security policies by giving or updating the credentials that are supposed to keep them safe. It's also hard to stop because there are so many bad websites and they don't last long. Their content changes often to avoid being put in the right category.
The most common and effective cyber threat to your business is still phishing.
Phishing scams are always changing and come in many different forms:
- Spear phishing is a type of scam that targets specific people by using their names, job titles or work processes.
- Whaling is a type of scam that targets company officers and is often written as legal notices, customer complaints, or executive issues.
- Inadvertent infection: sharing news or social media links that have been hacked
There are many ways to carry out a phishing attack:
- Phishing links in email messages;
- Targeted links or messages on social media platforms;
- Links shared in chat programs
Hp Sure Click Enterprise1 Helps Prevent Credential Theft By Alerting And Blocking Users From Sharing Login Details On Malicious And Low-Reputation Sites
Sure Click Enterprise helps stop credential theft by making it impossible to enter passwords on credential harvesting websites after a user has clicked on a phishing link in an email, chat client, PDF, or other files. When a user visits a website and is asked to sign in, Sure Click Enterprise uses the HP Threat Intelligence Service to check the site's reputation and domain to see if it is safe. Users will be able to enter their credentials as usual on sites that are known to be safe and are known to be legitimate.
But if the site is known to be a phishing site, a warning window will pop up when the user tries to enter their password. This keeps the site from getting their login information. The software can then be set up so that the user can either close the browser window safely or keep looking at the site while all the data-capture fields are turned off.
If a site has a bad reputation, users are told to check it out and not enter their login information unless they know it is safe. Administrators can choose to block credential access to these sites or let users go ahead. If they let a user go ahead, the site will be added to the whitelist on that user's PC and the warning will no longer appear when that user visits the site in the future.
All actions taken on sites that are known to be bad or have a low reputation are recorded and sent to the Sure Click Controller so that IT can check for threats and look at how users are acting.
Download HP's whitepaper to learn more about Prevent Credential Theft only on Whitepapers Online.