- cross-posted to:
- cybersecuritymemes@lemmy.world
- cross-posted to:
- cybersecuritymemes@lemmy.world
If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.
If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.
There are very few one click total compromises out there.
Most of the time clicking on the link will get to a phishing page to harvest credentials or prompt to download a zip or pdf which has the actual malware exploit/payload.
True, in many cases there is a whole chain of vulnerabilities and misconfigurations, and everything starts with one phishing mail. For example:
That was the point of this meme. It is not phishing alone that gets the company in trouble, its mostly a series of misconfigurations.
I think that in cyber security, we have to assume that phishing will be successful sometimes - and be prepared when it happens.
Yep and then whatever is trying to execute should be limited by user permissions, app whitelists, EDR / MDR, and a pile of other defenses.