How Businesses Can Stop Phishing Emails with IRONSCALES

by | Aug 7, 2019 | Blog

Introduction

This article will cover how small businesses can stop phishing emails with IRONSCALES. Phishing has been a major cyber threat almost as long as the internet has been around. Almost everyone with an email account will at some point have received some form of phishing email. Phishing emails are attempts to lure users to reveal sensitive personal or company information such as passwords and credit card details.

Why are Phishing Emails so Dangerous?

In the past, most phishing emails were generally very easy to spot, with poor grammar and unconvincing attempts to trick users. However, today's phishing attacks are highly sophisticated. Hackers can very easily impersonate specific business contacts using email addresses taken from LinkedIn to target specific individuals within a business. These attacks are known as spear-phishing, and they can be very difficult to spot, even for highly trained users.

Successful phishing breaches can also lead to Business Email Compromise. This occurs when an attacker is able to use a phishing attack to gain access to a high-level account, such as a company executive's. They then use this account to ask employees to make payments or share confidential information.

Phishing attacks are also extremely common. According to the Canadian Government, 156 million phishing emails are sent every single day, resulting in 80,000 clicks. In the UK in 2018, around a third of businesses suffered from a phishing attack or breach, according to the UK government. Attackers are increasingly automating phishing emails, allowing them to target thousands of small companies with ease.

Successful phishing attacks are hugely damaging for small businesses. The average cost of a data breach in 2019 is $3.86 million, which is a huge sum of money for a small business to lose.

Why Phishing Attacks are so Successful

There are three main reasons that businesses find it difficult to stop phishing attacks.

1) Sender Impersonation is Easy

Phishing attacks are based around sender impersonation. Successful phishing attacks occur when bad actors are able to impersonate a trusted contact, and use that connection to fraudulently gain access to sensitive information or financial data. It can also be difficult for humans to tell when an email is fraudulent or genuine, which increases the likelihood a user will fall for a phishing email.

 

2) Phishing Attacks are Overwhelming Security Teams

Due to the sheer volume of phishing emails that businesses are receiving, security teams are being overwhelmed by attacks. In addition, many organizations have recently moved to cloud-based email providers, which stretches security resources even further. Small businesses are particularly at risk of being overwhelmed, as they do not have the time, or resource, to keep on top of phishing emails.

Once again, weaknesses in email technologies exacerbate this problem. Even cloud-based email providers such as Office 365 and G Suite have no options to allow admins to go in and delete malicious emails from their users' inboxes. This makes it difficult for security teams to remediate against email attacks.

 

3) Weaknesses within Email Security Technologies

The final reason phishing attacks are so successful is that they exploit weaknesses within email security technologies themselves. Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication protocol that is designed to prevent email impersonation and spoofing. However, it is unable to truly authenticate sender identity.
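The DMARC limitation described above, as an added example that is not part of the original article or any vendor's code: DMARC only checks that the From domain aligns with a domain that passed SPF or DKIM, so a message from a look-alike domain can pass while its display name copies a trusted contact. The `KNOWN_SENDERS` directory, the sample messages, and the two-label organizational-domain shortcut are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical directory of protected senders: display name -> genuine domain.
KNOWN_SENDERS = {"jane doe": "example.com"}

def org_domain(domain):
    # Simplification: last two labels. Real DMARC uses the Public Suffix List.
    return ".".join(domain.lower().split(".")[-2:])

def authenticated_domains(auth_results):
    """Domains that passed SPF or DKIM per an Authentication-Results header.
    Only trust this header when your own receiving server added it."""
    found = set()
    for method, prop in (("spf", "smtp.mailfrom"), ("dkim", "header.d")):
        pattern = rf"\b{method}=pass\b[^;]*?\b{re.escape(prop)}=([^\s;]+)"
        m = re.search(pattern, auth_results)
        if m:
            found.add(m.group(1).rsplit("@", 1)[-1].lower())
    return found

def assess(raw_message):
    """Report DMARC-style alignment and display-name/domain mismatch."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rsplit("@", 1)[-1].lower()
    passed = authenticated_domains(msg.get("Authentication-Results", ""))
    # Relaxed alignment: organizational domains must match.
    aligned = any(org_domain(d) == org_domain(from_domain) for d in passed)
    # Identity check DMARC does not perform: does this name belong here?
    expected = KNOWN_SENDERS.get(name.strip().lower())
    mismatch = expected is not None and org_domain(from_domain) != expected
    return {"dmarc_aligned": aligned, "display_name_mismatch": mismatch}

# Constructed sample messages (not real traffic).
LOOKALIKE = (
    "Authentication-Results: mx.example.net; spf=pass "
    "smtp.mailfrom=example-payments.test; dkim=pass header.d=example-payments.test\n"
    'From: "Jane Doe" <jane.doe@example-payments.test>\n'
    "Subject: Invoice\n\nPlease review.\n"
)
GENUINE = (
    "Authentication-Results: mx.example.net; spf=pass "
    "smtp.mailfrom=example.com; dkim=pass header.d=example.com\n"
    'From: "Jane Doe" <jane.doe@example.com>\n'
    "Subject: Invoice\n\nPlease review.\n"
)

if __name__ == "__main__":
    for label, raw in (("lookalike", LOOKALIKE), ("genuine", GENUINE)):
        print(label, assess(raw))
```

Both messages are DMARC-aligned; only the display-name comparison separates them, which is the kind of check that has to be layered on top of DMARC.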

There are also gaps in email security technologies, such as users not being able to report phishing emails directly from their inboxes, and admins being unable to delete phishing emails from a central location. 

Even Secure Email Gateway technologies are unable to fully protect against phishing attacks, as these attacks are designed to slip through the cracks in filters and reach user inboxes. Many Secure Email Gateways don't offer any post-delivery protection to protect users from these internal threats.

In fact, new research has shown that even when using email gateway technologies, 3 out of 4 phishing emails still end up being delivered to user inboxes. We have experienced this ourselves when testing different email security technologies.

 

This phishing email passed through a popular Secure Email Gateway. The ‘Attached File’ link was even scanned by the anti-malware systems in place. However, I was still able to download the file to my PC, despite the fact the email is clearly malicious. Even my desktop anti-virus did not flag up an issue with the attached file, which was a zero-day ransomware threat.

Due to the fact it was a new virus, it was not flagged by any email security or anti-virus security system we had in place.

How Small Businesses Can Stop Phishing Attacks

As we've covered, phishing emails are very successful as they impersonate senders, overwhelm security teams, and exploit gaps in human and security technologies. To protect against phishing attacks, organizations need to implement security solutions that help them automate and remediate against phishing attacks within the inbox, as well as training users to be able to spot and report phishing attacks.

IRONSCALES is an innovative email security technology that does exactly that. IRONSCALES automates the remediation of phishing emails, allows admins to remove phishing emails already in the user inbox, and provides security awareness training to users.

How IRONSCALES Remediates Email Attacks

Using the example of the phishing attack we received, we can see how IRONSCALES helps organizations to remediate against email attacks.

 

Within Office 365, G Suite or Exchange, IRONSCALES allows users to report phishing emails with their 'Report Phishing' button.

When a user reports an email as malicious, IRONSCALES by default shows warnings to everyone who received the same email that the message is potentially harmful. This warning applies when emails have been reported by your users, or by users in other companies.

This greatly reduces the likelihood that your users will click on a phishing email, or download a malicious file.

Reporting emails also provides admins with a report, which is sent via email and on the admin console.

This report gives admins a rundown of information about the email, showing how confident IRONSCALES is that the email is a phishing attack, and what the reputation level of the sender is. IRONSCALES also deploys multiple third-party anti-virus engines to scan links and ensure that they are clean of threats.

From this menu, admins can control what happens to the phishing attack. It can be deleted, marked as a false positive, or quarantined.

Simulation and Collaborative Phishing Detection

Alongside covering the gaps in email security technology and helping admins achieve automated remediation of phishing emails, IRONSCALES helps users to recognize and report threats with Security Awareness Training.

Admins can undertake a threat assessment with a Phishing Simulation, which involves sending out simulated phishing emails to users. IRONSCALES then provides a range of gamified and engaging security awareness training materials to help users recognize phishing attacks, and report them to admins.

Creating a security aware culture is vital to protecting your users from security breaches, and with IRONSCALES you can provide training to meet all your legal compliance needs and protect your users from attacks.

Summary

Phishing attacks are the most common and harmful type of attack facing small businesses at the moment. They utilize social engineering, exploit weaknesses in IT departments, and use the gaps in email security to affect thousands of businesses globally. Using IRONSCALES, businesses can protect themselves against phishing attacks, with automated phishing response, strong technological defences against malware, and engaging security awareness training for employees.

You can get started with IRONSCALES by deploying their Free Phishing Simulation Tool on your email networks. Get started here.

If you need any more help or information, get in touch with a Jura Security email expert today.

 

 
