Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
Email Security has certainly come a long way. With cloud messaging now the standard versus the legacy on premise approach (Lotus Notes anyone?) the strategy of securing these clouds has also experienced a revolution.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
Cybercrime has relied on this calling card of trust for years to engage with its victims: “Click on this link to login and renew your account.” “Download the attached document and pay your invoice.” Traditionally, threat actors have socially engineered their emails and phishing websites cleverly to win trust and steal credentials and account information or infect victim systems with malware.
However, lately, we’ve seen a new and growing trend in cyber threats. Rather than “Trust me,” the new calling card of cybercrime is “Fear me — and pay me, or else.” That’s extortion—and we’re seeing a steady increase in these “phishing with fear” campaigns. Why?
Cybercriminals are finding that scareware is an easy way to make a fortune: phishing emails demand payment in Bitcoin and threaten data destruction, or perhaps the release of an embarrassing video, or even physical violence if a demand is not met.
Area 1 Finds a Mother Lode of Bitcoin-Based Cyber Threats
Area 1 recently analyzed 4.3 million bitcoin phishes and identified 48,000 unique bitcoin addresses used by cyber actors to receive funds. Our analysis of the wallets shows over 1,600 transactions totaling 174.042 bitcoins valued at $949,703.45—that’s nearly $600 per victim!
How easy is this? Very. For these campaigns, threat actors craft a compelling, threatening email and direct the victim to a bitcoin wallet address to make a payment. These attacks require no technical skills, or creation of sophisticated phishing infrastructure or malware.
When the emails are crafted to effectively bypass cyber defenses and lure victims—which they can easily be, as evidenced by the bitcoin collected in wallets used in recent attacks—threat actors have an easy path to make a fortune.
Why Defenses Don’t Stop Scareware
Email security solutions have added functionality to fortify defenses, including stronger sender validation features with DMARC, time-of-click URL analysis to detect malicious links, and file sandboxing to detect hidden malware. But even these protections aren’t sufficient to protect organizations from these campaigns. Threat actors send bitcoin phishing emails from publicly available accounts such as Gmail or Hotmail, or from compromised email accounts that pass sender validation checks.
And because the campaigns don’t use malicious websites or malware, advanced email analysis techniques such as time-of-click URL analysis and file sandboxing are useless to detect these threats.
Are your people at risk of falling victim to cyber extortion? For information on this trending cyber threat, how it evades current defenses, and what you need to protect your organization, read our new report, “Phishing with Fear.”
Want to keep up to date with the latest phishing trends?
Business Email Compromise (BEC), also sometimes referred to as email account compromise (EAC) or vendor email compromise (VEC), is a type of phishing attack that takes advantage of an existing relationship between a victim and organization.
https://www.area1security.com/wp-content/uploads/2022/04/BlogEmailBanner_BECAttackType_2022APR14.png13072500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-04-18 10:07:242022-04-28 08:48:24Understanding the Four Business Email Compromise Attack Types
Dear America’s sports-loving, company-securing fans: Before you find yourself glued this weekend to (what some call) THE biggest game in college basketball history, we are here to crown the 2022 March Hackness winner!
https://www.area1security.com/wp-content/uploads/2022/03/Champion-Banner_2.png10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-31 06:00:292022-04-28 08:49:23Area 1 Security Announces the Most Spoofed Brand of 2021
Area 1 Security’s Sixth Annual March Hackness: The Perfect Phishing Bracket is here! Learn who made the list of the top brands that attackers use in phishing lures.
https://www.area1security.com/wp-content/uploads/2022/03/SocialBanner_Blog_MarchHackness2021_2500x1000-Copy-2.jpg10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-26 20:45:192022-04-28 08:51:272022 March Hackness: The Return of the Phishing Bracket