Best Practices for Protecting Your Small or Medium Size Business from Best Practices for Protecting Your Small or Medium | Page 7
Real time website scanning
A good solution should ensure that linked-to websites are scanned for
• page size,
• domain name,
• on-page content, as well as
• hidden fields and
• JavaScript with injection code.
The information should be used to develop a decisioning score as to how likely those elements are
to be representative of a malicious website.
The websites should also be compared to Fortune 5000 websites, bank websites and other frequently-
used websites. The should be checked to ensure that elements have not been copied to look like clones
of authentic sites. Even SSL certificates are no longer a good indicator of a site’s security. Reputations for
the senders, the domain and the site content have to be evaluated in real time, when the linked is clicked,
not just when the email first arrives in the inbox.
If it isn’t real time don’t bother
Do you know that most phishing domains are live and active for less than 36 hours? That’s right. If
you’re anti-phishing solution checks URL databases every 24 hours, the chances are it will miss the
threat window completely. If you’re phishing solution isn’t checking databases in real time, every
few minutes or so, you may as well not bother.
Effective phishing mitigation is about timing.
Best Practices for Protecting Your Small or Medium
Size Business from Phishing
7