Cybersecurity is one of the most difficult threats to contain, for one simple reason: people are going to click on things, and you just can’t stop them. Even with mandatory training and a general awareness of the dangers, the fact remains that just one errant click can ruin a life or destroy a company’s reputation. And, hackers are always doing their best to make falling for their schemes even easier.
That’s why one new software may present a viable solution for companies and individuals who are concerned about the ever-present threat of cybercrime. It’s called Foghorn, and it aims to stand between users and cyber attacks by ensuring those suspicious domain names never make it to your inbox.
Foghorn works from the concept of “grey-listing”. This is a filtering technique that’s been around for awhile, in which emails from previously unseen sources are purposely delayed. Then temporary errors are received by the sender for a few minutes up to a few hours. While legitimate mail servers almost always re-attempt delivery, spambots usually don’t.
Foghorn takes that principle and applies it to domain names that haven’t been seen before, because a significant portion of domains behind phishing attacks are active for 24 hours or less before they switch to a different domain. After all, it’s difficult to catch a hacker whose platform is always on the move. If Foghorn hasn’t seen a domain before, it will delay the availability of that domain with the hope that if it’s a phishing attack, the user won’t even be able to see it. And, of course, the software comes with the option to whitelist domains known to be safe.
The software also has a handy feature that logs which sites get grey-listed. Those logs can be used to alert the appropriate individuals to possible threats, and identify who clicked on the bait.
Foghorn is still in its early stages and has a fair bit of development left to do, but its concept is a smart one. Although it’s no substitute for cyber smarts and common sense, Foghorn could be an effective extra layer of precaution for businesses, and those of us who just want a little extra security. To learn more about what you can do to safeguard your data from cybercrime, check out Cybersecurity Fundamentals.
by, Spencer Grey