More than 300 million phishing URL’s
detected this year
Most phishing attacks start by sending an email
which usurps the identity of a legitimate company or organization in order
to fool the receiver. More than 80% of B2B email users do not detect
a malicious email.
Vade Secure’s anti-phishing solution combines behavioral analysis
in each email to its search engine at the time of the click,
ensuring real-time protection against phishing.
Typology of phishing
One must understand and analyze types of phishing in order to fight against it. In a nut shell, phishing is an email containing a link to a fraudulent site, with the goal of leading the user to communicate sensitive information such as a credit card number, connection identifiers, or personal data. The information captured can have high value for the hacker and typically generates fast profits from just a few thousand email. This high profitability in a short time, alongside relatively easy technical implementation, means that this activity attracts many criminals, mostly amateurs.
Protection against phishing: additional techniques
Technologies used by the filter are based on analyzing the origin, the contents, behavior and the context of each email, blocking known and unknown phishing attacks, even if there are only a few. This filtering protects your email users and alerts you in case of an attack in order to protect your IT systems, and to protect your users’ and company’s sensitive data.
Web page searches
Vade Secure has developed a specific technology, Time of Click, in order to avoid being trapped by phishing techniques which change URL’s at the time of clicking. Searching and controlling web pages is done at the time of click in order to ensure that there is no threat. If the analyzed URL is malicious, the email is automatically blocked in your system.
Combating phishing relies on collaborative vigilance. We alert companies whose brands and domain names were usurped by hackers in real time so that they can notify their customers as quickly as possible.
Our site isitphishing.org provides information for all to verify, in case of doubt, if there is a risk, and if a URL was usurped.
Automatic site closure
As a global email security organization, Vade Secure shares information with organizations involved in phishing (financial institutions, FAI’s, brands, hosting companies and web navigators). Exchanging information with access providers allows for rapid blocking of URL’s, and closing malicious sites in order to protect all email users.
Help users to recognize a phishing email
Heuristic filtering is based on rules which use email characteristics in order to make a decision. Heuristic filtering is predictive, and can thus block waves of attacks which had not been blocked by previous mechanisms.
DMARC (Domain-based Message Authentication, Reporting & Conformance)
Technical specification whose goal is to standardize email authentication based on already-existing technologies. DMARC efficiently handles phishing cases in which the sender address contains the exact domain name of the counterfeited brand.
Filtering with a URL blacklist
Filtering with a URL blacklist consists of filtering emails as a function of the URL’s contained in them. This technique is particularly suitable for phishing, because phishing always contains a URL which will lead the user to the fraudulent site.
Filtering with an IP blacklist
Filtering with an IP blacklist is the simplest technique to protect against undesired emails: it refuses all emails sent by senders – identified by their IP address – which are not considered to be trustworthy.
Filtering by signature
Filtering by signature is mainly used in fighting against undesired emails. Its principle is simple: a user who thinks that he has received an undesired email marks it, which shows a signature to this email. Signatures are then grouped, moderated and analyzed in order to ensure that they are not legitimate.
Your users do not detect phishing
Don’t take a risk