The advancing of phishing

Next story

The life cycle of phishing attacks can potentially be endless, as some revisit older malware in the hope that various anti-virus may no longer be using older scripts.

Image

The tactics used by hackers and cybercriminals is advancing with both phishing and social engineering becoming increasingly more complex. As many phishing cases seem to be able to bypass these proactive systems and directly target users in their inbox, what could this mean for traditional anti-virus technology? Mark James, ESET IT Security Specialist, explains.

“It has been said before that anti-virus (AV) is dead, and if we were talking about the old ancient signature based detection of yesteryear then you may have a point, but modern malware detection is very far from that.

“Also, let’s not forget the fact that malware often works in cycles; older malware families often come around again to try and infect.

“They use slightly modified variations of the original code or even exactly as they were, trusting in the fact that some manufacturers will stop using older signatures in an attempt to save valuable disk space.

“The modern day approach to AV is more than just signatures, the landscape we see today has changed massively and moved to other platforms.

To be effective today you need to adapt, you need to be able to gather intelligence in real-time and use that along with behavioural analysis to work with signatures, as signatures are a very small aspect of modern day malware detection.

“We need to provide a means to safeguard the average user, to stop an extremely high percentage of malware from doing any harm. It’s our job to identify new attack vectors and to develop and evolve new ways to detect and stop malware from causing the devastation we see today from the likes of ransomware.

“The only effective solution is multi-layered protection, a mixture of old and new techniques designed to enable the user to experience seamless operation of their hardware, whilst providing the protection they come to expect from a leading vendor.”


Have you ever been the victim of malware you thought was dead and buried? Let us know on Twitter @ESETUK


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.