One of the newest ways to get past email defenses is getting the least amount of attention: the changing link. Here’s how it works:
The Bad Guy emails one of your employees an email “from” your CEO/President whatever with a link that looks something like https://www.dropbox.com/ImportantShare but it goes to http://bit.ly/325JnYX (feel free to click those links!). This link intentionally is a redirect: it will take users from one URL to another, it has common legitimate uses.
At first, http://bit.ly/325JnYX goes to a harmless site, maybe Google, and gets past your email defense filters as a result. However, a few minutes later the Bad Guy changes it to go to a site that they control that phishes, distributes malware, whatever technique that they want to use to get into your organization. When you user clicks the link, it now goes to the bad site.
What do you? These new Bad Guy techniques require new tools to defend your organization and your data, tools that are always up-to-date with real-time information and that don’t check things only once — like your current email defenses — but do so continually.
Fortunately, there are new defense tools available for SMBs. If you are interested in understanding the options feel free to set up an appointment with us, firstname.lastname@example.org or 865-240-2716