Just want to throw this out there and see what other people are doing to keep attacks at bay.
We are finding phishing and malware attacks are getting more and more sophisticated and it is getting harder to avoid them. We got hit by a crytowall 4 attack a while ago but fortunately have good backups. Even when we found out which machine it was, nothing showed up when you scanned it with all the virus and other scanners we could get our hands on. We just wiped the machine anyway.
We learned the other day about a new type of malware that is extremely dangerous. If it got onto one of the machines that does internet banking (not mentioning the bank name), the machine can be controlled from elsewhere. When the user logs on using their smart card and pin entry devices which are both plugged into the machine, the malware then puts up a screen saying "Authorising account" or some such message with a waiting logo and in the background the hacker is putting payments through on a hidden screen. The hacker then prompts the user (again) for their pin, which authorises the hidden payment(s). I didn't think they could get past not having the card and pin present.
We now have software to stop people plugging their own devices in:
https://www.endpointprotector.com/
and lots of web filters, but you still have the problem of people clicking on links in emails. We have started sending out emails with quiz type questions to try to educate people.
http://www.intronis.com/msp-resources/smb-phishing-quiz/
I got 8/9. I blame the lack of tea first thing this morning for the other one ;-)
Thanks,