An official website of the United States government
Here's how you know
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Press Release | Oct. 18, 2023

How to Protect Against Evolving Phishing Attacks

FORT MEADE, Md. - The National Security Agency (NSA) and U.S. partners have released a new report describing the latest techniques in phishing attacks and the defenses organizations can deploy against them.
 
The Cybersecurity Information Sheet (CSI) “Phishing Guidance: Stopping the Attack Cycle at Phase One” outlines tailored cybersecurity controls for Information Technology (IT) departments to reduce phishing attacks, also known as electronically delivered social engineering. The Cybersecurity and Infrastructure Security Agency (CISA), NSA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) co-authored the CSI.
 
“Knowing how to navigate phishing danger is essential because anyone can fall victim to these attacks,” said Eric Chudow, NSA’s Cybersecurity System Threats & Vulnerability Analysis Subject Matter Expert. “Cyber threat actors are constantly evolving their techniques and harnessing new technologies to their advantage, including artificial intelligence. They are also finding it easier to deceive people who have transitioned to hybrid work environments and have fewer-face-to-face interactions.”
 
Cyber actors employ a wide range of technologies and platforms to conduct phishing attacks. Common vectors include short messaging system (SMS) text messages and chats in platforms such as Slack, Teams, Signal, WhatsApp, iMessage, and Facebook Messenger. Such attacks may lure users into divulging their login credentials or clicking a malicious hyperlink or attachment which then executes malware.
 
The CSI provides detailed mitigations to protect against login credential phishing and malware-based phishing, as well as steps for identifying and remediating successful phishing activity. It lists more than a dozen best practices for IT professionals to follow to avoid their organization being compromised, including phishing-resistant multi-factor authentication (MFA), phishing filters for links and attachments, protective DNS, application allow-lists, and remote browser isolation.
 
Additional guidance in the CSI focuses on software manufacturers implementing secure by design and default tactics and techniques. Software manufacturers should develop and supply software that is secure against the most prevalent phishing threats. The co-authoring agencies urge organizations to hold software manufacturers to a secure-by-design technology standard and build these and other mitigations directly into products to protect users and organizations from phishing’s malicious effects.
 
Read the full report here.
 
Read NSA’s secure-by-design guidance.
 
Visit our full library for more cybersecurity information and technical guidance.

NSA Media Relations
MediaRelations@nsa.gov
443-634-0721

Related Press Advisories

NSA and Partners Issue Additional Guidance for Secure By Design Software
NSA, U.S. and International Partners Issue Guidance on Securing Technology by Design and Default
NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software
NSA Releases Best Practices For Securing Your Home Network
NSA releases a repository of signatures and analytics to secure Operational Technology

Related Documents

CSI: Phishing Guidance: Stopping the Attack Cycle at Phase One
actor Cyber NSA CISA FBI ms-isac Cybersecurity Information Sheet CSI phishing spear phishing smishing vishing malware AI mfa
Hosted by Defense Media Activity - WEB.mil Veterans Crisis Line