Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
A cybersecurity analyst or engineer wakes up every morning, flips on their laptop, and defends others from attacks, responding at the speed of lightning to beat cyber villains, and with unmatched adaptability and agility stops cyber villains from getting into your inboxes and organizations – all while calling it just a normal day at the office.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
Anticipation ran high when Google introduced Gmail; and the versatile MX has exceeded expectations, driving productivity as it speeds and simplifies business and personal communications. Unfortunately, because of its high profile, Gmail is a top target for phishing campaigns. Threat actors pursue users relentlessly in global cyberattacks, delivered by phish that slip past Gmail defenses to land in user inboxes. And customers who trust Gmail’s email filters and rules to protect them learn the hard way that this won’t happen.
Why? Because Gmail threat defenses lack integrated email security insight into targeted phishing campaigns.
It’s hard to believe that an innovator like Google itself could be outsmarted — but breaches happen constantly. Gmail collects threat data from active, high-volume attack campaigns, but the low-volume, targeted profile of phishing emails such as Business Email Compromise (BEC) help them bypass Gmail’s defenses time after time.
Phish posing as valid communications handily evade both Office 365 and Gmail security. Criminals can lure users into clicking a malicious link, opening a malware-bearing attachment, or falling for Business Email Compromise (BEC) fraud — forwarding data and funds to spoof accounts. And even trained, skeptical users still take the bait nearly a third of the time. Once the money is in the criminals’ hands, they quickly drain and close their bogus accounts, often untraceably.
If you’re a Gmail user, or a security leader charged with email security, you naturally watch for Gartner’s latest wisdom. As noted in the Gartner 2020 Market Guide for Email Security (ID: G00722358), “Security and risk management leaders must revisit their organizations’ email security architecture in the light of current email threats, such as sophisticated malware, links to exploit kits, credential phishing and BEC.”
Additionally, Gartner notes, “As organizations continue to migrate to cloud email, the need to reevaluate email security is even greater. The solutions and controls that were put in place for on-premises email solutions are no longer enough.”
BEC phishing and the “Long Con” threaten Gmail
When it comes to BEC, also called “CEO fraud,” “Impersonation Attacks,” or “Email Account Compromise,” many companies lack strong internal control processes, such as double confirmation for bank transfer requests. This shortfall allows cybercriminals to pose as employees or even partners/vendors in Types 3 & 4 BEC and to reap shockingly high amounts. The FBI reported 24,000 BEC scams in 2019 with enterprises losing $1.7 billion for an average loss of $72,000.
These scams don’t call upon complex coding or deep technology expertise; all they require is a credible-appearing phishing email. Threat actors have even commoditized toolkits for aspiring criminals, offering resources like RaaS (Ransomware as a Service) and self-replicating “ransomworms.”
Protecting against such ingenious fraud demands insight into the deep structure of the attack itself. Traditional email filters and rules, including Gmail’s security tools, can’t do that. As Gartner notes, an effective approach to stopping phish must be both technology-based and proactive, rather than after-the-fact damage cleanup.
An MSSP resolves its vulnerability by adding Area 1 to its security stack
Legato, a Managed Security Service Provider (MSSP), discovered a gap in its own email security that allowed incessant phishing attacks. These required time-consuming investigation and remediation which affected employee productivity. As Gartner recommends, the company sought specific anti-phishing technology that went above and beyond its own MX’s native capabilities. After Area 1 showed its ability to dramatically reduce phishing incidents with no impact on email traffic and productivity, Legato now adds Horizon as the phishing protection layer for their own customers’ Office 365 and G Suite environments.
Advanced visibility spots cyberattacks under construction
Threat actors can take months to construct a phishing site that carries out its attack in mere hours. By the time native defenses catch on, the phish have already landed in user inboxes and often the damage is done or underway. Integrating Area 1 with Gmail defenses provides the technology-based anti-phishing approach that Gartner recommends to detect and disable phishing emails before they land. Area 1 deploys quickly to:
Conduct inbound email scanning specifically for targeted phish
Use patented small-pattern detection to crawl the web for attacks under construction
Block and dismantle phish emails bearing ransomware, spoofs and BEC—missed by current defenses
Analyze and deliver detailed alerts and reports to stop phishing
On average, the solution detects malicious sites and payloads a full 24 days before industry benchmarks thanks to such phish-hunting resources as preemptive crawling, machine learning, cousin domain and anomaly detection.
The Area 1 Horizon service deploys and integrates smoothly in minutes, adding effective anti-phishing protection to Gmail’s security features like anti-spam, DLP, encryption, and archiving. Augmented by Area 1 technology, Gmail can offer true protection and peace-of-mind to its users by finding and blocking 99.997% of phishing attacks.
To learn more about how Area 1’s preemptive, cloud-native email security protects Gmail users, click here.
Want to keep up to date with the latest phishing trends?
Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.
https://www.area1security.com/wp-content/uploads/2022/05/BlogBanner_PoTWSuperhero_2022MAY.png20845209Shalabh Mohanhttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngShalabh Mohan2022-04-28 13:51:312022-06-01 10:55:30Superhero strategies for the Phish Fight
Business Email Compromise (BEC), also sometimes referred to as email account compromise (EAC) or vendor email compromise (VEC), is a type of phishing attack that takes advantage of an existing relationship between a victim and organization.
https://www.area1security.com/wp-content/uploads/2022/04/BlogEmailBanner_BECAttackType_2022APR14.png13072500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-04-18 10:07:242022-04-28 08:48:24Understanding the Four Business Email Compromise Attack Types