Phishing Protection and Management Filter
Phishing messages, unlike spam, are malicious attempts to hijack information. Historically, phishing messages were designed to capture individual user information such as username/password combinations to bank accounts. But the stakes have risen with the use of phishing messages as an attack vector to deliver malware designed to steal sensitive and confidential corporation data. Designed to imitate legitimate email, attackers duplicate the look and feel, the structure, and the logos of actual organisations. As attackers have become more sophisticated, these email attacks are now much more targeted with low volumes of messages being sent. This easily slips by traditional email reputation-based detection systems. And with well designed phishing messages containing little more than a URL for users to click-on, many organisations are finding these phishing messages getting through spam filters and into end-user inboxes, creating a serious security issue.
An even more sinister type of phishing is the "spear-phishing" message. Rather than casting out thousands of emails in a broad-based attack, spear-phishing attacks are highly targeted at specific groups of people, or even individuals within an organisation. The attackers will typically gather some insider information to create spear-phishing emails containing relevant topics. This is achieved by combing through public press releases, blogs and social networking sites. As a result of the highly convincing phishing email created with such background information, spear-phishing emails have an even higher rate at which victims fall for these counterfeit messages.
Powered by the patented Proofpoint MLX machine learning technology, Proofpoint's Phishing Protection examines millions of possible attributes in every email to accurately filter phishing messages. The malicious intentions of phishing messages need to filtered and managed differently so emails that have been identified as phishing messages are quarantined separately from spam and bulk messages. This specialised quarantine holds phishing messages, which can be reviewed by administrators, but is not accessible by end-users. This phishing filter prevents phishing messages from being released by end-users, compromising the security of your organisation.
Phishing Protection and Management Key Capabilities:
- Contextual, Lexical Analysis: Proofpoint MLX examines the content and context of messages using structural tests, malicious URL detection, as well as targeted rules for phishing attacks to accurately filter and single out phishing messages from nuisance spam.
- Specialised Phishing Quarantines: Phishing messages are designed to fool recipients into believing they are valid messages, convincing them to take a call to action. Due to the malicious nature of phishing messages, phishing messages are filtered and placed in a specialised quarantine, which prevents end-users from accessing and taking action upon a phishing message, putting your organisation at risk. Many alternative phishing email filtering solutions do not uniquely identify phishing messages, and when they are filtered, simply place the phishing messages into the spam quarantine, in full view of an end-user, who can easily release these messages, immediately compromising the security of your organisation.