Threat Category: Authentication: User or Device to Remote Service
Phishing Defenses for Webmail Providers 1
Your Account PayPal Has Been Limited Phishing Scam 2
Ensure corporate e-mail policy is configured to scan for suspicious files, executables, or attachments, and segregate such emails to increase end-user awareness of their potential to contain malicious content.
Deploy email and web proxy services that will examine URL resources for malicious content, and if any is found, prevent delivery of the message to the intended recipient.
Deploy email filtering tools or services that will automatically remove detected URLs from the body of emails from untrusted domains.
Educate end users on how to recognize phishing attempts and increase their awareness of techniques to browse safely from mobile devices, such as tap-and-hold on a hyperlink to examine its associated URL.
R. Graves, Phishing Defenses for Webmail Providers, white paper, SANS Institute, 2013; www.sans.org/reading-room/whitepapers/email/phishing-detecton-remediation-34082 [accessed 8/258/2016] ↩
C. Boyd, “‘Your Account PayPal Has Been Limited’ Phishing Scam”, blog, 8 May 2015; https://blog.malwarebytes.com/cybercrime/2015/05/your-account-paypal-has-been-limited-phishing-scam/ [accessed 8/25/2016] ↩