On Tuesday and Wednesday of this week, the European Union Agency for Law Enforcement Cooperation, better known as Europol, met with the European Cybercrime Centre Advisory Groups on Financial Services, Internet Security and Communication Providers to discuss phishing attacks and how to fight and prevent them. The meeting brought together 70 industry leaders from global financial institutions, internet security companies, and telecommunications providers to discuss the impact of phishing on their industries and how the private sector can work with law enforcement agencies to combat the threat, and to develop recommendations. Europol also noted that it expects to release additional guidance and recommendations later this year. Attendees to this week’s meeting developed these recommendations:
- “Improve information-sharing across industries, as well as with law enforcement and other relevant public sector organisations;
- Implement the basics: secure authentication, domain blacklisting and blocking of common exploits;
- Train and educate users on a permanent basis, and not as a one-time effort;
- Embrace innovation such as machine learning to automatically detect phishing emails; [and]
- Regularly review anti-phishing measures to keep up to date with ever-evolving criminal MOs.”
