Menlo Security Cloud Security Platform receives FedRAMP® Authorization
Traditional security approaches are flawed, costly, and overwhelming for security teams. Menlo Security is different. It’s the simplest, most definitive way to secure work—making online threats irrelevant to your users and your business.
Our platform invisibly protects users wherever they go online. So threats are history and the alert storm is over.
Traditional network security wasn’t built to address today’s complex enterprise environments. SASE fixes that problem.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise.
Menlo Security | Jun 24, 2020
Share this article
Threat actors can be ruthless. They use social engineering to comb through people’s personal and professional lives to uncover details that they can use in spearphishing campaigns to manipulate users into unwittingly downloading malware or giving up their credentials
This tactic often takes the form of finding out an application or vendor the person uses and spinning up a legitimate-looking email from a trusted brand with a believable call to action, such as approving a transaction or logging in to a Software as a Service (SaaS) platform. The most evil spearphishing campaigns take advantage of current events such as natural disasters and tragedies to prey on people’s emotions, vulnerabilities, or good will.
Covid-19 has provided a particularly large opportunity for attackers to use this heinous deception. Malicious actors around the world are taking advantage of the global pandemic and its fallout to trick users. It’s sick and disturbing and desecrates the memory of the more than 400,000 people globally who have died of the disease to date.
But, unfortunately, it’s effective.
According to industry data, phishing attacks have a 30 percent or higher success rate—the most successful of any threat category. This is scary when you consider that all it takes is a single click by one user to put an entire organization at risk.
Menlo Security Research is constantly analyzing threat data across our customer base to uncover trends that could help us protect our users. Sure enough, we saw a spike in Covid-19–related phishing attacks in the first three months of 2020. In fact, 50 percent of all phishing attacks impersonating financial services companies leveraged a Covid-19 topic.
Many companies sent communications to customers warning of the attacks, citing attempts they had uncovered that offered medical products, guidance, or a safe haven for money, but their warnings weren’t enough. Our data reveals that a single Covid-19–related attack targeting HSBC customers in Hong Kong, Singapore, and Australia had had a 3 percent success rate—lower than the industry average, yet still successful. Menlo Security customers were not impacted—even the users who clicked on the malicious link. Instead, the content was isolated in a remote web browser in the cloud while web forms were rendered in read-only mode. This prevented the malware from downloading on users’ devices and stopped users from divulging their login credentials.
Not everyone was so lucky. It’s likely that more than a few HSBC customers who aren’t protected by Menlo Security were duped and had their devices compromised. From there, who knows what systems the attackers were able to infiltrate.
Of course, HSBC customers aren’t the only ones being targeted. Other Covid-19–related attacks that Menlo Security stopped included impersonated official communications from Wells Fargo, Capital One, and FirstBank in the U.S. In the FirstBank example, users were directed to a legitimate-looking website where they were prompted to input their credentials in a fake web form. As you can see in the screenshot below, the attacker attempted to steal customers’ usernames, passwords, account PINs, email addresses, and email passwords. Armed with this information, threat actors would be able to wipe out a customer’s account balance in a matter of minutes.
Phishing page impersonating FirstBank asking for account PIN, email address, and email password
It’s not surprising that malicious actors would use a global pandemic to take advantage of people. They are, after all, malicious. It’s up to organizations to protect users from spearphishing and other cybersecurity threats that use email as an attack vector.
Learn how Menlo Security helps Fortune 500 companies keep users safe from phishing attacks.
Posted by Menlo Security on Jun 24, 2020
Tagged with Email Isolation, Phishing, Threat Trends
Threat Trends & Research
To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.