COBALT GYPSY’s continued social media use reinforces the importance of recurring social engineering training. Organizations must provide employees with clear social media guidance and instructions for reporting potential phishing messages received through corporate email, personal email, and social media platforms. Guidance should include recommendations for reporting inquiries by an unknown third party about an employer, business systems, or the corporate network, or requests to perform actions such as opening a document or visiting a website.
CTU researchers recommend that organizations disable macros in Microsoft Office products to mitigate the threat posed by weaponized Microsoft Office documents. Organizations should also incorporate advanced malware prevention technology and endpoint threat detection tools as part of their security strategies.
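The macro recommendation above is usually enforced through the Office Group Policy registry values rather than per-user Trust Center clicks. The following PowerShell is an added example written for this page, not code from the Secureworks report, that sets and then audits those values for Word, Excel and PowerPoint. It assumes Office 2016 or later (policy keys under the `16.0` version path), that it runs in the context of the user whose Office configuration is being hardened (the policy hive is HKCU), and that the organization wants the strictest setting, `VBAWarnings = 4` (disable all macros without notification); `3` (signed macros only) is the usual alternative where signed internal macros must keep working. The same values can be pushed fleet-wide via GPO or an MDM profile, in which case only the audit function is needed locally.

```powershell
# Added example (not from the Secureworks report): enforce and audit the
# "disable macros in Microsoft Office" recommendation through the Office
# policy registry keys. Assumed Office version path: 16.0 (Office 2016+).
$OfficeVersion = '16.0'
$Apps = 'Word', 'Excel', 'PowerPoint'

# VBAWarnings: 1 = enable all macros, 2 = disable with notification,
# 3 = disable all except digitally signed, 4 = disable all without notification.
# blockcontentexecutionfrominternet: 1 = block macros in files carrying
# Mark-of-the-Web (email attachments, downloads), regardless of VBAWarnings.
$Desired = @{ VBAWarnings = 4; blockcontentexecutionfrominternet = 1 }

function Get-OfficeSecurityPath([string]$App) {
    "HKCU:\Software\Policies\Microsoft\Office\$OfficeVersion\$App\Security"
}

function Set-OfficeMacroPolicy {
    # Writes the desired DWORD values, creating the policy key if absent.
    foreach ($app in $Apps) {
        $path = Get-OfficeSecurityPath $app
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        foreach ($name in $Desired.Keys) {
            New-ItemProperty -Path $path -Name $name -Value $Desired[$name] `
                -PropertyType DWord -Force | Out-Null
        }
    }
}

function Test-OfficeMacroPolicy {
    # Returns one object per application/setting. Compliant is $false when the
    # value is missing or weaker than desired; for both settings a higher
    # number is the stricter choice, so -ge expresses "at least as strict".
    foreach ($app in $Apps) {
        $path = Get-OfficeSecurityPath $app
        foreach ($name in $Desired.Keys) {
            $current = $null
            if (Test-Path $path) {
                $current = (Get-ItemProperty -Path $path -Name $name `
                    -ErrorAction SilentlyContinue).$name
            }
            [pscustomobject]@{
                Application = $app
                Setting     = $name
                Current     = $current
                Desired     = $Desired[$name]
                Compliant   = ($null -ne $current -and [int]$current -ge $Desired[$name])
            }
        }
    }
}

Set-OfficeMacroPolicy
Test-OfficeMacroPolicy | Format-Table -AutoSize
```

Running `Test-OfficeMacroPolicy` on its own (without the `Set-` call) is a quick way to confirm that a GPO actually landed on an endpoint; any row with `Compliant = False` means that application will still run macros from a weaponized document.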