Your Anti-Phishing Software Isn't Working. Learn Why.

Posted by Catherine Young

Despite training and education, humans are still your weakest security link.  All it takes is one employee in your organization to click on a malicious link or fall victim to a phishing email to undermine all your security efforts. 

More than 90% of breaches start with phishing emails.  The only way to ensure your security is to stop phishing emails from getting through in the first place.

Microsoft Office 365 and Google G Suite have built-in anti-phishing solutions.  There is plenty of third-party anti-phishing software on the market.  With all of that phishing attack software, you might think you’re protected.

You May Not Be Protected From Phishing Attacks

Most anti-phishing software depends heavily on a few standard techniques to filter for problems.  Unfortunately, there are flaws in each technique.

Content Filtering & Blacklists

Email is analyzed before it enters your mailbox.  It is compared to existing lists of known threats that have been previously detected.  When an attack comes from a source that’s on a blacklist, it’s easy to block.  Cyber criminals know this.  It’s way too easy for them to change email addresses and URLs and to change up their approaches.

Blacklists can also give you a false sense of security.  They are not always updated quickly with new threats, so an attack might not be on the list when you receive it.

You can also get a lot of false positives, which can lead users to ignore all of the warnings.

Keywords & Symptom-Based Scanning

There are keywords and symptoms that signal potential phishing attacks. Whenever you click on a link or visit a website, the site is quickly assessed for potential threats.  If phishing signals are present, you will receive a warning.

Don’t underestimate the cleverness of threat actors.  Links can contain hidden characters, invisible characters, and look-alike domains that go undetected by most anti-phishing software.  Sometimes it’s as simple as adding a letter or misspelling a word that gets through the filter.
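The link tricks named above (invisible characters, look-alike characters, an added or misspelled letter) can be checked for directly in a link's hostname. The following is an added example, not code from INKY or any product mentioned here; the protected-brand list, the small homoglyph table, and the sample URLs are assumptions constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumed inputs: brands to protect and a tiny look-alike table
# (Cyrillic a, e, o, p, c and the digits 0 and 1).
PROTECTED = ("sharepoint.com", "microsoft.com")
HOMOGLYPHS = str.maketrans({"\u0430": "a", "\u0435": "e", "\u043e": "o",
                            "\u0440": "p", "\u0441": "c", "0": "o", "1": "l"})

def edit_distance(a, b):
    """Levenshtein distance, to catch an added letter or a misspelling."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_link(url):
    """Return findings for the hostname in url; an empty list means nothing flagged."""
    host = urlsplit(url).hostname or ""
    findings = []
    if any(unicodedata.category(ch) == "Cf" for ch in host):
        findings.append("invisible-character")  # zero-width space, soft hyphen, ...
    if not host.isascii() or any(label.startswith("xn--") for label in host.split(".")):
        findings.append("non-ascii-hostname")
    # Simplification: treat the last two labels as the registered domain.
    if ".".join(host.split(".")[-2:]) in PROTECTED:
        return findings  # the genuine domain
    # Skeleton: drop invisible characters, then fold look-alikes to ASCII.
    visible = "".join(ch for ch in host if unicodedata.category(ch) != "Cf")
    domain = ".".join(visible.translate(HOMOGLYPHS).split(".")[-2:])
    for brand in PROTECTED:
        if domain == brand:
            findings.append("lookalike-of:" + brand)
        elif edit_distance(domain, brand) == 1:
            findings.append("near-miss-of:" + brand)
    return findings

SAMPLES = [  # constructed sample links
    "https://www.sharepoint.com/sites/hr",
    "https://share\u200bpoint.com/login",   # zero-width space inside the name
    "https://micr\u043esoft.com/login",     # Cyrillic letter in place of Latin o
    "https://sharepoiint.com/login",        # one added letter
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), check_link(sample))
```

The last-two-labels rule and the five-letter table are simplifications; a production check would use the Public Suffix List and the Unicode confusables data, and short brand names need a stricter threshold to avoid false positives.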

Links may direct you to legitimate content, such as PowerPoint or PDF files, or to legitimate sites such as SharePoint.  The files themselves may be fine, but when you click, they ask for your login credentials.  Most phishing software won’t catch that.

[Image: SharePoint phishing email]

Domain Binding

If you visit a domain that is not linked or “bound” to your credentials, you will receive a warning.  Every time you visit a new domain, you’ll get flagged.  If there’s a warning on every email that comes from an external source, it quickly fades into the background, and users ignore it even when it should be heeded.

The Trouble With Warnings

Most anti-phishing software displays the warnings in the header instead of in the body of the email.  Mobile devices might truncate the title, meaning users will never see the warning.

Generic warning messages combined with false positives get ignored.

Anti-Phishing Software That Works

INKY works differently.  INKY is anti-phishing software that works. It combines domain-specific machine learning, computer vision, and AI to find signs of fraud and phishing attacks other software does not catch.

Catch Attacks The First Time

Not only does INKY use Content Filtering and Blacklists, but it also identifies new and emerging threats by checking for domain spoofing, brand forgeries, text and character tricks, and even behavior profiling.  It stops zero-day attacks and other phishing threats before others even add them to their blacklists.

[Image: CEO Fraud Email]

Advanced Computer Vision

In addition to Keyword & Symptom-Based Scanning, its proprietary computer vision sees the email the way humans do.  It can spot differences in logos and font down to the pixel.  It simply sees things other phishing attack software doesn’t see.

Protection And Education

INKY displays bold warnings right in the body of the email so that it’s clear to users whether they use a desktop computer or a mobile device.  Unlike other software, INKY provides details about why the email is marked as suspicious.  By avoiding generic warnings, users are educated on what to look for to avoid phishing attempts in the future.

[Image: UPS Phishing Email]

INKY also gives users the ability to report email and email links right from the body of the email, which means users can report spam, phishing attempts, and other troubling emails from any device with just one click without special software.  Most anti-phishing software only allows this to work from an installed version.

Works With Any Email Client

Whether you use Microsoft Exchange, Office 365, Google G Suite, or some other email solution, INKY will integrate into almost any email product.

Secure Cloud-Based Phishing Attack Prevention

A secure cloud-based phishing attack software, INKY blocks phishing attacks, spam, and malware.  It doesn’t rely just on lists of known threat actors like other phishing attack software.  It uses advanced techniques to identify and stop zero-day attacks and emerging threats that pass through other software.

You can’t afford to leave yourself unprotected from phishing attacks.  Read our Special Phishing Report on how you can better protect yourself from phishing attacks.

 
