Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
A cybersecurity analyst or engineer wakes up every morning, flips on their laptop, and defends others from attacks, responding at the speed of lightning to beat cyber villains, and with unmatched adaptability and agility stops cyber villains from getting into your inboxes and organizations – all while calling it just a normal day at the office.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
Does it seem that your SEGs actually invite phishing cyberattacks?
Phishing persists as today’s No. 1 threat vector for data and financial breaches—easily the most effective tool in a threat actor’s arsenal. Phishing cyberattacks may constitute less than one percent of total Internet traffic, but they do over 95 percent of the damage. And because SEGs consistently miss phish, they are incapable of effective cloud email protection—least of all from socially-engineered attacks like Business Email Compromise (BEC), whose impact has soared by nearly half again in 2020.
Yet, despite the proven ineffectuality of SEGs, businesses continue investing heavily in these solutions, which are not engineered to recognize and thwart phishing attacks—particularly those that rely on social engineering.
SEGs have their uses—but not against new phishing campaigns
Over a recent six-month period, Area 1 Security analyzed over 1.5 billion emails and caught over 925,000 threats missed by Office 365 and SEGs. (Keep in mind that this figure is only a small representative sampling of the phish that Area 1 intercepts annually.)
Although SEGs have long reported 99.99 percent effectiveness against spam, phishing attacks keep evading detection. The reason is that SEGs optimize for spam detection, but spam is by nature a different beast from phishing.
Spam targets victims by sending out large volumes of similar, often clumsily written and easily recognizable nuisance messages, creating a productivity “sink.” (And even if very little spam makes it through to victims, the attacker still succeeds.)
To protect against these barrages of emails, spam filters rely on collection and analysis of large volumes of threat samples from active campaigns. Data extracted from the samples identifies malicious domains, IPs, and malware; it’s then used to create signatures and threat intelligence optimized for large-scale bulk email detection.
Phishing attacks work on a different principle than spam
Phishing exploits like BEC, however, handily evade spam filters as well as email authentication defenses like DMARC, SPF, and DKIM. They also regularly dodge the native defenses of Office 365 and Gmail. Attackers use polished social engineering to personalize emails and lure victims to click a link or download a file. The victim may be urged to respond to a request for information or to take an action such as transferring funds, leading to data and financial loss.
BEC, also known as CEO Fraud or Imposter Attacks is:
Socially Engineered: BEC ‘spoofs’ a known executive, employee, and more recently a trusted supplier to convince the recipient to wire money, attach information to an email, and more.
Simple: Free of links or attachments that could raise a red flag, BEC doesn’t need to take over an account or computer to cause major damage.
Successful: BEC messages are scrupulously crafted to look like conventional business email. They regularly evade both SEGs and ‘security aware’ employees
To close the phishing gap, spam filters have added advanced threat protection features: sandboxing of suspicious files and time-of-click link analysis are intended to help detect threats missed by reputation- and signature-based defenses.
Nevertheless, phishing attacks continue to evade detection.
Today’s attacks zero in on vulnerabilities arising from efforts to address COVID-19’s economic challenges. In a recent exploit, a threat actor impersonated the U.S. Small Business Administration to defraud businesses waiting for loans.
And in another campaign that leveraged COVID-19 fears, the attacker targets various companies by claiming to offer face masks and thermometers, while sending email attachments infected with Agent Tesla malware, an advanced Remote Access Trojan (RAT). Spoofing chemical manufacturers and import/export businesses to make the phishing message appear more legitimate, the attacker slightly modifies the Tactics, Techniques, and Procedures (TTPs) for each wave of emails to bypass SEGs and DMARC.
Early detection of phishing campaigns is key
More than ever, organizations need preemptive, integrated email security to detect phishing campaigns. Waiting until a campaign launches to start collecting and analyzing threat data is too late to defend effectively against these threats.
Protecting an organization holistically from attacks calls for earlier insight into phishing sites and campaigns, as well as protection for all attack surface areas.
Area 1 Security focuses on preemptively stopping phishing and advanced threats before they reach user inboxes. The cloud-native Area 1 Horizon™ platform stops phishing attacks on average 24 days before campaigns even go live and covers all surface areas targeted by attackers. This includes email (internal, external, and partner-sourced), web, network vectors, and cloud-storage and collaboration tools. Area 1’s preemptive, proprietary technology employs ActiveSensors™ and our Small Pattern Analytics Engine (SPARSE™) for massive scale, high-speed phish indexing and emergent campaign and attack infrastructure identification. Our technology also goes beyond content sandboxing and deconstruction, leveraging advanced AI and Machine Learning (ML) models, computer vision, Natural Language Understanding (NLU), and neural network techniques. And rather than overwhelm security teams with alerts, our comprehensive email security also includes built-in response and remediation, with our Autonomous Phish SOC reducing phish investigation time by 90%.
Leaders and practitioners responsible for email security are faced with a few truths every day. It’s likely true that their email is cloud-delivered and comes with some built-in protection that does an OK job of stopping spam and commodity malware.
https://www.area1security.com/wp-content/uploads/2022/08/image3-16.png10131800William Cloudhttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngWilliam Cloud2022-08-23 11:36:342022-08-23 11:39:08How to replace your email gateway with Cloudflare Area 1
Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.
https://www.area1security.com/wp-content/uploads/2022/05/BlogBanner_PoTWSuperhero_2022MAY.png20845209Shalabh Mohanhttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngShalabh Mohan2022-04-28 13:51:312022-07-15 10:20:08Superhero strategies for the Phish Fight