Zach Varnell, a senior appsec consultant with security firm nVisium, says that one way to prevent these types of attacks is to reinforce rules with employees about running executables and raise awareness of how initial phishing emails can lead to a compromise.

“Prevention would come from the standard security practices around email and running executables,” Varnell tells ISMG. “Add a warning banner for all external emails – this could help prevent the initial compromise, but not the secondary ones – and don’t allow users to run as administrators. You can also implement application whitelisting.”
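The first control Varnell mentions, a warning banner on all external email, is usually implemented as a mail flow (transport) rule. The following is an added example, not code from the article or from nVisium, showing how such a rule is created in Exchange Online with the ExchangeOnlineManagement module; the rule name and banner wording are this example's own choices, and it assumes an account with Exchange administrator rights.

```powershell
# Added example (not from the article): create an Exchange Online mail flow rule that
# prepends a visible warning to every message arriving from outside the organization.
# Assumes the ExchangeOnlineManagement module is installed and the signed-in account has
# Exchange admin rights; rule name and banner wording are this example's own choices.

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

$ruleName = 'External Email Warning Banner'

# HTML banner shown at the top of the message body. Keep it short and distinctive so
# users learn to recognize it; the text is constructed for this example.
$banner = @"
<div style="background-color:#FFEB9C;border:1px solid #9C6500;padding:6px;font-family:sans-serif;">
<b>CAUTION:</b> This email originated from outside the organization. Do not open attachments
or run files from it unless you recognize the sender and were expecting the message.
</div>
"@

# Create the rule only if it does not already exist, so the script is safe to re-run.
if (-not (Get-TransportRule -Identity $ruleName -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name $ruleName `
        -FromScope NotInOrganization `            # sender is outside the tenant
        -SentToScope InOrganization `             # recipient is an internal mailbox
        -ApplyHtmlDisclaimerLocation Prepend `    # banner goes above the original body
        -ApplyHtmlDisclaimerText $banner `
        -ApplyHtmlDisclaimerFallbackAction Wrap ` # if the body cannot be modified, wrap it
        -Priority 0                               # evaluate before other rules
}

# Verify the rule is enabled and scoped to inbound external mail only.
Get-TransportRule -Identity $ruleName |
    Select-Object Name, State, FromScope, SentToScope, ApplyHtmlDisclaimerLocation
```

The `-FromScope NotInOrganization` condition is what gives the banner its value and also its limit: mail from an internal mailbox that has already been compromised carries no banner, which is exactly the secondary case the quote says the banner will not prevent. That is why it is paired with removing local administrator rights and application whitelisting rather than relied on alone.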
