Some Mitigation Against Phishing and MITM
- Run regular phishing awareness training in the organization.
- Run regular awareness training on 2FA/MFA hacking in the organization.
- Run phishing campaigns internally in the organization to check employees' awareness.
- Reward employees who successfully pass the internal phishing check, so that all other employees remember it.
- Reward employees who report a phishing email or any phishing activity. This creates a positive impact in the organization and the team.
- A common misconception about the standard forms of MFA (SMS, Touch, Push) is that they prevent social engineering. Although MFA protects against an attack, it is commonly still vulnerable to a MITM phishing attack. See the example of the Uber Hack 2022.
- Hold a regular phishing quiz and reward some of the employees who pass it. This will motivate others.