Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
Email Security has certainly come a long way. With cloud messaging now the standard versus the legacy on premise approach (Lotus Notes anyone?) the strategy of securing these clouds has also experienced a revolution.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
Today, the best way to steal information and money online is to walk in through the front door and ask for it. These frontal assaults bypass security measures like bulk spam filters and work at an alarming rate. Once hackers have started a conversation, it’s just a matter of socially engineering the right message to get an employee to send company money into the ether.
Case in point is the recent news that Google and Facebook both fell for a targeted phishing attack that cost them a combined $100 million. This news should be a wakeup call for companies of all sizes.
A typical phishing attack tricks a target into sending confidential information or wiring money somewhere. Unlike some forms of phishing, BEC emails are usually disarmingly personal, and often an attacker doesn’t spring his or her trap until after a lengthy back and forth. How long do you keep up your guard after a half a dozen emails with a purported customer, partner, or coworker on the same topic?
In this case, the hacker tailored emails to Google and Facebook employees to look like corporate correspondence and referenced legitimate services. Shortly thereafter, the employees unlucky enough to have received these emails did what they thought was their job. They transferred the money.
It’s tempting to blame the employees here, but an enormous amount of persistence, knowledge, and creativity went into this attack. Calling it a “scam” underestimates the intricacies behind this heist. Two Silicon Valley giants with nearly limitless security budgets and the best security solutions in their arsenals would not be fooled by a mere “scam.” The fact that the victims were sophisticated, well-defended tech companies underscores that these attacks can truly happen to anyone.
Most people click on links and respond to requests via email all day long. It’s their job. As long as we are letting these emails end up inboxes, we are, in turn, expecting every employee to be a part-time cybersecurity professional. Let’s leave securing organizations to actual cybersecurity professionals, and better yet, to technology. Not only do employees have more important things to do than worry about clicking on rogue links, but they are also human. Humans are curious and trusting — links will be clicked and attachments will be opened as long as links and attachments exist.
As we speak, a phishing attack disguised as a shared Google Doc is proliferating across the internet. This campaign is routing invitations to shared Google Docs through Google’s own system, making it nearly impossible to spot. We can’t expect users to distinguish “real” versus “phishing” when the two are actually identical.
Events like these beg the question — if the most sophisticated and well-defended technology companies in the world are getting hacked, are these attacks inevitable?
We don’t think so. Hackers are thriving off of one single method: phishing. So why not eliminate that method all together?
The irony of Google getting hit is that a lot of organizations rely on them for security. Yes, email services such as Google Suite have native security measures in place, and they are incredibly effective at spam filtering, malware detection, and data loss prevention. But while these functions are vital, dangerous and targeted phishing emails are still getting through.
The best defense from targeted attacks keeps phishing messages out of user inboxes to begin with. Phishing — in all its forms — is a problem for small companies and tech giants, alike. And Area 1 Security has a solution for everyone.
Business Email Compromise (BEC), also sometimes referred to as email account compromise (EAC) or vendor email compromise (VEC), is a type of phishing attack that takes advantage of an existing relationship between a victim and organization.
https://www.area1security.com/wp-content/uploads/2022/04/BlogEmailBanner_BECAttackType_2022APR14.png13072500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-04-18 10:07:242022-04-28 08:48:24Understanding the Four Business Email Compromise Attack Types
Dear America’s sports-loving, company-securing fans: Before you find yourself glued this weekend to (what some call) THE biggest game in college basketball history, we are here to crown the 2022 March Hackness winner!
https://www.area1security.com/wp-content/uploads/2022/03/Champion-Banner_2.png10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-31 06:00:292022-04-28 08:49:23Area 1 Security Announces the Most Spoofed Brand of 2021
Area 1 Security’s Sixth Annual March Hackness: The Perfect Phishing Bracket is here! Learn who made the list of the top brands that attackers use in phishing lures.
https://www.area1security.com/wp-content/uploads/2022/03/SocialBanner_Blog_MarchHackness2021_2500x1000-Copy-2.jpg10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-26 20:45:192022-04-28 08:51:272022 March Hackness: The Return of the Phishing Bracket