Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
Email Security has certainly come a long way. With cloud messaging now the standard versus the legacy on premise approach (Lotus Notes anyone?) the strategy of securing these clouds has also experienced a revolution.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
Goals for cyber campaigns consistently provide the advantage. Whether to steal data, earn financial rewards, manipulate information, or cause physical destruction, cyber attackers don’t limit themselves to a direct attack on their targets. Instead, they often use their imaginations and go after the digital supply chain of their targets, without increasing the need for technical sophistication, and without risking or compromising the success of their campaigns.
In the Summer of 2017, Iranian cyber actors identified by Area 1 Security as IRN2 and previously referred to as the “OilRig” campaign compromised a website belonging to Doosan Power Systems India (DPSI) to conduct a targeted phishing campaign against Saudi Aramco affiliates. Our research, including technical details and indicators of compromise for this supply chain phishing campaign are available here.
This phishing campaign used multiple vectors: luring victims through a career website to submit resumes; supply chain targeting; and phishing emails with malware.
First, Iranian hackers compromised DPSI’s website, a trusted and legitimate domain, to host a weaponized, encrypted, and password-protected .zip archive. Second, unsuspecting affiliates of Saudi Aramco received an email inviting them to apply for a position at DPSI; if they clicked the link within the email, a password-protected .zip archive would be downloaded to their computer, surreptitiously installing malware. This malware, a new variant of the Helminth backdoor, provided persistent access for attackers to the target’s network. The download also launched a phishing website with DPSI careers as the theme, inviting targets to register and submit a resume.
Digital supply chain attacks exploit an organization’s reliance on suppliers, partners, and vendors to find and prey on the weakest links in the chain. Suppliers, partners, vendors, and affiliates hold sensitive data; their IT infrastructure is typically less secure, or is ineffectively defended. Thus, it can serve as a stepping stone, providing surreptitious opportunities to hackers for enhancing their phishing campaigns against a primary target.
Many prominent campaigns have been the result of supply chain phishing:
The Target data breach, which exposed 40 million customer credit card numbers, was the result of attackers who initially gained access to the network using credentials obtained from heating, ventilation, and air-conditioning (HVAC) subcontractor Fazio Mechanical Services via a phishing attack.
A data breach at Home Depot, which exposed 56 million customer credit card numbers, was the result of a supply chain phishing attack wherein a third-party vendor’s username and password were used to enter Home Depot’s network.
Business Email Compromise (BEC), also sometimes referred to as email account compromise (EAC) or vendor email compromise (VEC), is a type of phishing attack that takes advantage of an existing relationship between a victim and organization.
https://www.area1security.com/wp-content/uploads/2022/04/BlogEmailBanner_BECAttackType_2022APR14.png13072500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-04-18 10:07:242022-04-28 08:48:24Understanding the Four Business Email Compromise Attack Types
Dear America’s sports-loving, company-securing fans: Before you find yourself glued this weekend to (what some call) THE biggest game in college basketball history, we are here to crown the 2022 March Hackness winner!
https://www.area1security.com/wp-content/uploads/2022/03/Champion-Banner_2.png10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-31 06:00:292022-04-28 08:49:23Area 1 Security Announces the Most Spoofed Brand of 2021
Area 1 Security’s Sixth Annual March Hackness: The Perfect Phishing Bracket is here! Learn who made the list of the top brands that attackers use in phishing lures.
https://www.area1security.com/wp-content/uploads/2022/03/SocialBanner_Blog_MarchHackness2021_2500x1000-Copy-2.jpg10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-26 20:45:192022-04-28 08:51:272022 March Hackness: The Return of the Phishing Bracket