Dive Brief:
- Companies focus too much time on the amount of data stolen or the number of customer records impacted in cyberattacks, according to a new report from Area 1 Security.
- Area 1 maintains that companies should instead focus on remediation in order to make an impact.
- The study suggests companies focus on the "attacker’s history, behavior, delivery mechanism, and infrastructure."
Dive Insight:
Creating a new URL that leads to a legitimate-looking but hacked website is the latest trick cybercriminals are using to corral victims while staying under the radar. Too often, small-to-medium organizations are the victims.
“Compromising existing small-to-medium-sized organizations not only gives attackers anonymity, but also eliminates the long and costly process of fabricating an online identity,” according to the report.
Area 1 suggests companies focus on the attacker’s history, behavior, delivery mechanism and infrastructure to help stop attacks.
A May report from the Anti-Phishing Working Group said the number of distinct website links in phishing attacks jumped by more than 150% between October 2015 and March 2016.
