Skip navigation

Phishing Prevention

Phishing attacks are a common security threat designed to steal sensitive information like login credentials and financial data. It’s the No. 1 cause of security breaches — but despite all the notoriety, phishing campaigns continue to fool even the most vigilant. Security measures are evolving beyond network-based tools to a dynamic, identity-based zero trust model.

Watch the Webinar

image representing phishing prevention

What are Common Types of Phishing Attacks?

Historically, phishing was often conducted by sending mass email campaigns designed to collect credentials. The logic is that if a hacker can reach enough people with a phishing campaign, statistically someone will take the bait. Today's phishing techniques are much more targeted, often incorporating social engineering campaigns in which attackers gather information about their targets through meticulous research and manipulative interactions.

image of an email icon

Email Phishing

Email phishing is conducted by sending mass email campaigns imitating a legitimate source to steal sensitive information from a broad group of people. The goal is to trick the recipient into giving away sensitive data or install malware on their system.

Spear phishing icon

Spear Phishing

Spear phishing uses social engineering to collect personal information about a specific individual, such as a target organization’s employee. Attackers use this data to pose as legitimate users, then infiltrate networks and steal sensitive data, install malware, or steal credentials.

whaling icon


Whaling is a type of spear phishing attack that targets high-level executives. Attackers often use personalized emails to trick targets into providing sensitive data or making financial transactions. Whaling is concerning because executives have social leverage and direct access to valuable data and highly visible companies.

Cybersecurity professional reading a document at his home office about phishing

How Does Spear Phishing Work?

Most modern phishing attacks start with threat actors gathering information about their targets to gain initial unauthorized access into an organization’s networks, and then escalate privileges as they traverse the networks.

  • Step 1: Social Engineering
    A spear phishing attack begins when an attacker establishes communication with their target. This could happen via phone call or email — there are any number of avenues hackers use to reach out to targets in a way that appears legitimate.
  • Step 2: Targeted Phishing
    Once an employee has bought into a phishing scam, they’ll typically be taken to a web page where they’ll be asked to provide their credentials.
  • Step 3: Lateral Movement
    Once the hacker has infiltrated an application, they can use an organization’s internal systems to gain access to additional resources and take over more user accounts — often with privileged access to critical systems.

Phishing for Dummies

Phishing attacks are evolving and so should your defenses. This ebook teaches about new emerging threats, trends affecting attackers, and weaknesses that leave organizations vulnerable. It provides strategies to mitigate these weaknesses, emphasizing the importance of understanding phishing, and introduces Cisco Security solutions for sophisticated defense.

Download the eBook

Phishing for Dummies Cover Image

What Are Anti-Phishing Tools?

A Multi-Layered Approach

Anti-phishing solutions utilize both security software and human practices to prevent and remediate phishing attacks.

Phishing Protection Solutions

You need software that provides advanced phishing protection, strong user authentication, granular device visibility, adaptive access policies, and login monitoring.

Employee Awareness

Employees are attackers’ favorite target, which also makes them your first line of defense. Educating them on how to recognize and avoid suspicious emails or links can help prevent phishing attacks.

How to Prevent Phishing Attacks

Because it targets the unpredictable human element of security, phishing sounds scary — but it doesn’t have to be. With a few best practices and security tools in place, organizations can achieve phishing resistance, prevent unauthorized access, and avoid becoming a victim of phishing attacks.

image of the number 1

Implement Strong User Authentication

To significantly reduce the risk of unauthorized data access, require multi-factor authentication (MFA). But not all authentication methods are equal. Using WebAuthn or FIDO2 security keys provides the highest level of assurance for secure access. Additionally, Verified Duo Push provides an extra layer of security by requiring users input a unique code from the login device in the Duo Mobile app. 

  • Duo's User Access Policies
    Get granular with your security requirements, with options to set policies for specific user groups either globally or by application.

    User access policies are available in all Duo editions, with advanced options in Duo Access and Duo Beyond.
image of the number 2

Reduce Reliance on Passwords with Single Sign-On (SSO)

Single sign-on serves as a unified visibility and enforcement point for application-specific policies, while also enabling seamless access to multiple applications with a single set of credentials. With fewer credentials to remember, users are less likely to reuse or create weak passwords that can easily be targeted by hackers. 

  • Duo’s Single Sign-On (SSO)
    Let users access any application with a single login experience, protected by Duo’s strong authentication and granular access policies.

    Duo SSO is available in all Duo editions.
image of the number 3

Create and Maintain a Detailed Device Inventory

It’s hard to prevent access from devices you don’t know about. Visibility into all the devices accessing your resources is a key step in ensuring every access attempt is legitimate.

  • Duo’s Device Visibility
    See every endpoint that’s logging in to your apps, so that you can spot risky devices before they compromise your resources.

    Device Visibility is available in all Duo editions.
  • Duo Desktop
    Monitor laptop and desktop devices to ensure they have the right security protocols in place.

    Device Health is available in Duo Advantage and Duo Premier.
image of the number 4

Verify Device Trust as Part of the Authentication Workflow

With many different devices accessing company resources, it’s important to ensure they’re all healthy and up-to-date. Compliant devices are less likely to create gaps in security, making them more difficult for hackers to exploit.

  • Device Access Policies
    Manage access permissions based on operating system, encryption status, software version and more.

    Device Access Policies are available in all Duo editions, with advanced options in Duo Advantage and Duo Premier.
  • Duo’s Trusted Endpoints
    Identify corporate-owned vs. personal laptops, desktops and mobile devices, to ensure only devices with the right permissions are accessing critical resources.

    Duo’s Trusted Endpoints is available in Duo Premier edition.
image of the number 5

Enforce Adaptive Access Policies

Ensure that the right users, with the right devices, are accessing the right applications. By creating granular security policies, you can enforce a least-privilege access model and ensure that users and their devices meet rigorous standards before they can login to critical resources.

  • Duo’s Adaptive Authentication
    Provide conditional access based on context from user roles, device status, user location and more using Duo’s adaptive policy engine.

    Adaptive Authentication features are available in all Duo editions, with advanced options in Duo Advantage and Duo Premier.
image of the number 6

Continuously Monitor for Unusual Login Activity

Utilize behavioral analytics to monitor the unique access patterns of your users. This practice helps you spot suspicious activity — and stop breaches before they happen.

  • Duo Trust Monitor
    Establish baseline access behavior and be notified of anomalous activity, like logins from new devices or unexpected locations.

    Duo Trust Monitor is available in Duo Advantage and Duo Premier editions.

Related Topics

Passwordless Authentication

Hackers can’t steal a password if there’s no password to steal. Passwordless authentication is becoming a viable and attractive way to reduce credential theft.

Learn More About Passwordless Authentication 

Multi-Factor Authentication

Phishing attacks depend on human behavior to be successful — so verifying user identities with strong MFA is the first step in preventing a breach.

Learn More About Duo’s Multi-Factor Authentication 

Adaptive Access Policies

Assigning access permissions by application ensures that your most critical resources are also your most protected.

Learn More About Duo’s Adaptive Access Policies 

Cover of Cover of Duo's Anatomy of a Modern Phishing Attack guide, with a school of fish chasing a letter on a hook. eBook

Anatomy of A Modern Phishing Attack

Read the Report