How my mom got phished—and why Protective DNS is the safety net we all need
My mom got phished.
Recommended Videos
Yes, it’s true. We’ve talked about how to spot them, we’ve talked about what they look like, but we never talk about how easily it can happen to someone you know. Nevertheless, she did get successfully phished the other day… and realized it after the fact.
With AI-driven enhancements, criminals are able to write increasingly sophisticated phishing messages, even applying specific targeted messages that increase the credibility of their scam.
Regardless of how well trained you are, when responding to something ‘in the moment,’ it’s becoming easier to get fooled. Maybe it’s when you’re looking at your messages first thing in the morning before you’re fully awake, or maybe you’re about to take off on a trip and trying to clear out action items before you lose connectivity. But regardless of the circumstances, these fake messages are getting better and human error is occurring on a more regular basis — even to the best of us.
That’s just one more reason why Protective DNS is vital in this day and age.
It doesn’t matter how much cyber training a person gets; human error will occur. Resiliency-based approaches are specifically designed to assume that bad things might occur so that they can be detected and stopped before significant harm is done.
That’s precisely the role of Protective DNS. The phish tries to get a user to act, usually by clicking on a link and visiting a criminal-controlled website that purports to be something innocuous and, even, well-known. But modern and advanced Protective DNS solutions know the difference. The goal of advanced infrastructure intelligence is to identify good from bad, safe from malicious, and prevent outbound connections that shouldn’t occur – in this case, preventing the connection to the malicious website, and saving the user from harm even though they didn’t realize the trap they were falling into.
It sounds easy enough, but implementation isn’t always as easy as it sounds. Criminals are constantly creating new malicious infrastructure, to be weaponized at some time in the future, or even taking over existing infrastructure and utilizing it for their own ill-gotten gains.
Advanced solutions that specialize in infrastructure intelligence need to constantly update themselves, based on what happens in real-time across the Internet, so they always have the latest intel and real-time verdicts regarding criminally controlled infrastructure. It doesn’t matter how many times a system ‘gets it right’; the bad actor only needs one success to make their mark.
Which brings us back to my mom.
Sure, she might have been able to spot this attack herself, but eventually one will outsmart her and get through. The only way to protect her, or an organization’s employees, is to ensure that the system itself implements the necessary controls to keep its users safe, even from their own mistakes.
It’s just one more reason why governments around the world are demanding that increased resiliency be part of a modern cybersecurity stack, and one more reason why everyone requires the use of infrastructure intelligence and the integration of that intelligence across their security system.
Protective DNS can be deployed quickly and easily, usually without significant IT involvement and often in a matter of minutes or hours.
If you utilize an MSP or MSSP for your cybersecurity needs, ask them if they already employ a Protective DNS solution, or consider switching to one that does. If you are responsible for an organization, ensure that the deployment of Protective DNS is on your 2025 roadmap.
No one wants to be the unsuspecting target who made a mistake that led to damage, both financial and reputational – least of all, my mother.
David Ratner is the CEO of Vancouver based Hyas (www.hyas.ca)
