Security Magic. PHOTO: Cybercrime Magazine.

The Hidden Card Trick of Email Security

A malicious message doesn’t just disappear into thin air

Gil Friedrich

New York City, N.Y. – Apr. 5, 2022

The hidden card trick is a classic staple of magic. The idea, of course, is to make a card “disappear.”  It doesn’t actually disappear. It’s just out of sight. But the card is still with the magician, accessible at any time. It’s the ultimate misdirection trick. You think it’s gone, and then — poof! — the magician brings it back, much to the crowd’s delight.

This is how most API-based email security solutions work. Because they can’t block malicious emails before the inbox, they have to do something with an offending email. Different solutions have different ways of handling this. One way? Placing the malicious email in a hidden folder. Just like a hidden card trick.

Here’s how it works. A malicious email is sent. Because the API system can’t block it before the inbox, the malicious email enters the inbox. After an average of three minutes and three seconds — assuming the end-user hasn’t already clicked on it — the email will be removed from the inbox.

Cybercrime TV: Gil Friedrich, Founder & CEO at Avanan

Protecting Office 365 inboxes from phishing attacks

Where does it go? Just like the hidden card trick, it doesn’t just disappear into thin air, never to be seen again. It goes into a hidden folder. Hidden folders are only kind of hidden. First, admins have full access to them. And with a little knowledge of Outlook or Gmail, your end-users can usually find those hidden folders and thus access bad emails.

But regardless, the offending email remains in your ecosystem. With SOC teams overwhelmed, that “hidden” email may remain there for some time, just begging to be clicked on. That’s a disaster waiting to happen.

Now imagine the following two scenarios. You’re driving your car and another car comes screaming toward you. What would you rather happen?

– Your car automatically brakes before you hit the other vehicle

– Your car detects the other vehicle after you already have hit it, then automatically hides any crash information

Obviously, you would take the first option every time. That’s exactly how cybersecurity should work.

Hiding malicious emails is not security. Instead, organizations are best served by proactive, preventative security. That means actively blocking malicious and phishing emails before they reach the inbox, so users don’t have a chance to interact with them. That means actively blocking malicious files on all applications where business is done. It means rewriting every URL, testing the site before redirecting the user so as to defend against post-delivery detonation attacks. It means providing full malware protection to stop the most pernicious ransomware attacks. It means an advanced artificial intelligence database that is trained on the largest and most sophisticated dataset.

Most attacks start with email and it is the number one threat resulting in breaches. Some 91 percent of breaches start with email. The best way to prevent your organization from being attacked is to block the attack from happening — not just hiding it away.

A solution that just sweeps malicious emails under the rug is not a solution. It’s just a magic trick. And unlike the best magicians, these secrets are easily decoded.

Start a Demo to Experience the Power and Simplicity of Avanan

Avanan Archives

Gil Friedrich is co-founder and CEO at Avanan.

About Avanan 

Avanan is a cloud email security platform that pioneered and patented a new approach to prevent sophisticated attacks. We use APIs to scan for phishing, malware, and data leakage in the line of communications traffic. This means we catch threats missed by Microsoft while adding a transparent layer of security for the entire suite and other collaboration tools like Slack.

Avanan catches the advanced attacks that evade default and advanced security tools. Its invisible, multi-layer security enables full-suite protection for cloud collaboration solutions such as Office 365™, G-Suite™, and Slack™.  The platform deploys in one click via API to prevent Business Email Compromise and block phishing, malware, data leakage, account takeover, and shadow IT across the enterprise. Avanan replaces the need for multiple tools to secure the entire cloud collaboration suite, with a patented solution that goes far beyond any other Cloud Email Security Supplement.