Manage Learn to apply best practices and optimize your operations.

Socially engineered malware attacks: Enterprise defense best practices

Enterprise threats expert Nick Lewis explains how socially engineered malware attacks work and how enterprises can defend against them.

A recent NSS Labs Inc. test revealed how the top four Web browsers fair against phishing and socially engineered malware attacks. Can you please briefly explain what socially engineered malware attacks are, how they work and what I can do to help my employees recognize and mitigate such attacks?

A Web browser should not be the first nor only point of protection against phishing or socially engineered malware attacks; these attacks are neither dependent on the Web browsers themselves nor easily thwarted by the protections built into the different browsers.

Let's start with phishing. Many users are phished when they are not even using the Web. Most of them are email only (for example, an attack that asks the user to provide usernames, passwords or Social Security numbers). Fortunately, these attacks are becoming somewhat less common.

On the other hand, as NSS Labs reported in 2013 and 2014, a socially engineered malware (SEM) attack is an attack that tricks users into downloading and installing malicious software that compromises the security of their system. For example, this malware could be advertised as something that cleans a computer from viruses but in reality is a rogue malware application, or a malicious program disguised as a browser extension.

The standard antiphishing advice was reiterated in the NSS Labs report: Employee security awareness efforts can be effective in protecting against SEM attacks since the attack is focusing on attacking the human and the human can do the most to avoid the attack. However, security awareness is only one component of protecting an enterprise from phishing attacks. Technical components -- such as using secure browsers, securing systems, monitoring for sensitive data in email, and using the antiphishing tools included in most email systems -- will also help reduce the risk. In addition, multifactor authentication may be one of the most effective security controls to stopping account compromises from phishing attacks.

Ask the Expert!
Want to ask Nick Lewis a question about enterprise threats? Submit your questions now via email! (All questions are anonymous.)

This was last published in June 2014

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.