The most difficult to detect:
spear phishing or targeted attacks
The goal of spear phishing is to trap a person by usurping
the identity of a person in his network (personal or
professional). The attack takes place solely by exchanging
emails in order to create confidence, then asking
the victim to perform an action (open an attached document,
make a bank payment, etc.). The most sophisticated spearphishing
does not contain links to an external site.
Vade Secure performs several analyses on an email in order to block
spearphishing attacks, verifying the sender, the email’s
contents and its stamp.
Typology of spearphishing
Spearphishing, also called ‘harpooning,’ a scam performed on the president or BEC (business email compromised) is the most sophisticated type of email attack. This is an email sent by a hacker to one victim, most often including only text without either a link or an attachment. A “classic” spearphishing attack generally starts with an exchange of emails with a target of winning one’s confidence. The pirate usurps the identity of a person belonging to a target network (employee, family, supplier, etc.) and starts with an exchange of a sensible subject. The pirate has thus already studied his target and network, thanks to data which is legally accessible on the Internet (social networks, LinkedIn, Twitter, Facebook, etc.) and in the media. This type of attack has the highest success rate and is the most dangerous.
to protect your emails
In addition to classic filtering techniques, Vade Secure’s heuristic filter and artificial intelligence protects you against unknown attacks, and recognizes a targeted attack, a scam against the president, or phishing.
Developed and patented by Vade Secure, “IdentityMatch” verifies the identity of the sender. IdentityMatch is designed to detect all kinds of identity fraud. Depending upon the filter’s degree of certainty, the solution adapts, and notifies the receiver up to the point that the email is blocked.
Vade Secure’s anti-spearphishing solution uses heuristic algorithms specially developed to fight against this threat. The filter analyzes email contents in order to determine if personal data are requested, thus protecting the user.
Spearphishing is the most dangerous threat; how to understand it better and defend against it.
How can one block spearphishing?
Vade Secure performs several analyses of received email by verifying the sender, the email contents and its stamp in order to block spearphishing attacks.
This technological approach ensures that the sender is who he says he is, and that he doesn’t intend to cause harm. Attached documents and URL links are also inspected in order to avoid malware insertions.
IdentityMatch is designed to detect all types of identity fraud: usurping a person, an email address or a domain. Depending upon the filter’s degree of certainty, the solution adapts, and notifies the receiver up to pure and simple blocking of the email. IdentityMatch settings can be modified by the user and the administrator.
Vade Secure’s anti-spearphishing solution contains heuristic algorithms which analyze the origin, contents and also the context of an email, key items to investigate if there is a targeted attack. Different than classic solutions which only analyze the contents and the origin, Vade Secure’s artificial intelligence and Identity Match identify the threat from the first email exchange.
Spearphishing is by far the greatest threat to your organization.
Predictive defense is the only effective defense against these types of attacks.