Phishing Attacks. PHOTO: Cybercrime Magazine.

New Breed Of Phish Attacks Email Inboxes

Cybersecurity teams weaponize with new gear to combat ransomware

Eli Kirtman

Northport, N.Y. – Oct. 14, 2020

Eyal Benishti, CEO at IRONSCALES, says fictitious and archaic phishing scenarios give us “a very dangerous false sense of security” because most of them are not malicious or they don’t really exist in the wild.

Can we learn from fishing in the wild?

Sitting on the water’s edge with my dad, he would often say, “You’ve got to know what you’re fishing, son. Then prepare the right gear and tackle.”

He was a bottom-feeding catfish guy. “Secure the bait,” he’d say, finessing the night crawler on the hook. “Go where the ‘cat’ hunts, cast the line, sit your behind there on the bank, and wait for it.”

“Don’t fool with it!” He would rap my noggin when I toyed with the rod. “When the line straightens and runs steadily, you’ll know the cat has it — ” BITE, in one swift action, he wrenched his pole in the opposite direction of the run “ — then fight,” he said as his pole twisted and the reel cried.

This morning, I launched a Google Alerts fishing expedition to see what “phishing attacks” are currently in the wild. It’s now 3:30 p.m. and I’ve already caught 19 news headlines — that would be one helluva catch if I were sitting on the lake with dad.

Cybercrime TV: Eyal Benishti, CEO at IRONSCALES

Phishing & Email Security

We are fighting a new breed of phish and we can beat it.

Millions of new threats surface every day. While attackers are motivated to score stacks of money, their lethal injections of ransomware in emails are plaguing the healthcare sector, disabling hospital IT systems, compromising emergency care — and even killing a patient.

The “cat” is hunting us, baiting malicious images in our inbox — and we are biting like crazy. “It’s a race against the clock,” says Benishti. “From the moment that the phishing email (lands) in employee mailboxes you have an average of 82 seconds until response. (Then) 80 percent of the people that normally clicks will click on the email in five minutes.”

IRONSCALES recently launched the industry’s first real-time phishing emulator, which automatically deploys real-life email phishing attacks. It is fully weaponized with all the right gear and tackle too.

Essentially, the emulator takes all the bad stuff that organizations delete and mark as phishing and relaunches it against other security gateways in real-time, delivering unmodified versions of malicious emails to reveal how a company’s security stacks against threats.

IRONSCALES is not toying with the perimeter or gateways. It takes the fight to where the “cat” hunts. “If there is a new threat out there, then we need a faster way to know that it’s happening. We need to be as close as possible to the problem, and being closer to the problem means being in the mailboxes,” says Benishti. “We need to be where the security teams are making decisions, aid their decisions, and learn in real-time what should be stopped.”

Its fully weaponized single-button solution enables security teams to eradicate dangerous injections and protect employee email boxes.

But we must shift our thinking and create an exponential defense solution.

Benishti believes we can build a real-time threat hunting community, but we must change our philosophy on how we battle phishing.

Otherwise, we will remain vulnerable to increasingly hostile threats because many of us rely on centralized vendor solutions. To hit the mark, we need an exponential defense solution to beat the click. We must be faster than the “cat.” This may be the only way to eliminate the false sense of security that the industry is experiencing.

“We need a solution that grows as the customer base and number of users grow. If you don’t move from centralized to decentralized you will always be behind, you will always lose to threat actors because they’re automating their attacks and working against all the organizations out there,” says Benishti. “So, it’s time for us to collaborate to be able to match it.”

Find Your Email Security Gaps With Phishing Emulator

Test Your Defenses In 3 Easy Steps

Executives and CISOs love the “security in the mailbox” concept.

They agree that organizations should take a decentralized approach to solving the problem because the current process is tedious and does not scale to match evolving threats.

“No one is against collaboration for a better cybersecurity defense. It is always a matter of what is shared and how it is shared. So, when we show how we can give them real-time intelligence with zero compromise to privacy or information, then this is something they appreciate — they really like it,” says Benishti. “The numbers speak for themselves.”

See for yourself. Let IRONSCALES launch an attack to test your defenses in three easy steps.

BTW, dad reeled that bad “cat” to the bank, then the slimy thing slipped from his grip and escaped. “Sometimes fishing gets the best of us,” he said, gripping the steering wheel with both hands. “We’ll beat it next time, son.” I hear you, Dad – loud and clear.

Eli Kirtman is a freelance writer based in Cincinnati, Ohio. 

Sponsored by IRONSCALES

IRONSCALES Is The Future of Phishing Protection

Incubated inside the world’s top venture program for cybersecurity and founded by alumni of the Israel Defense Forces’ elite Intelligence Technology unit, IRONSCALES offers security professionals and end users an AI-driven, self-learning email security platform that provides a comprehensive solution to stop tomorrow’s phishing attacks today.

Using our decentralized threat protection network, our platform helps you prevent, detect and remediate phishing attacks in a matter of minutes, not hours. We give organizations of all sizes complete anti-phishing protection against any type of phishing attack, right now.

With Phishing Emulator you can orchestrate up to the minute phishing attacks from the wild detected by IRONSCALES. And in less than 5 minutes you can generate a report and discover which threats bypassed your email security defenses.