<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1626328370711236&amp;ev=PageView&amp;noscript=1">

Phishing Isolation Data Sheet: Protect Against Phishing Attacks & Drive-by Exploits

Phishing has become the weapon of choice for cyber criminals. Despite operating a full spectrum of email security solutions including anti-spam, anti-virus, data security, and encryption, enterprises continue to be impacted by targeted spear phishing which results in credential theft and malware exploits.

Legacy email security solutions rely on a 'good vs. bad' determination provided by third party data feeds, or internally via large-scale email traffic and data analysis. Because spear phishing attacks target specific individuals within an organization, the email link is usually unique, as is the target user. Therefore, no third party reputation data is available, nor is there enough data to analyze internally to make an accurate determination. If the determination is incorrect, the first targeted “patient-zero” individuals are sent directly to a site where credentials can be stolen, or malware can be downloaded to an endpoint. A single error can facilitate a costly and damaging cyber attack.

A new approach is required.

Diagram_1_DS_HTML_page.png

The Solution: Isolation

Menlo Security’s Phishing Isolation solution eliminates credential theft and drive-by exploits caused by email attacks. By integrating cloud-based Phishing Isolation with existing mail server infrastructure such as Exchange, Gmail, and Office 365, all email links can be transformed to pass through the Menlo Security Isolation Platform. When users click on an email link, they are 100% isolated from all malware threats, including ransomware. Websites can also be rendered in a read-only mode which prevents individuals from entering sensitive information into malicious web forms.

With their users safely isolated, administrators can monitor behavior statistics, and provide customizable time-of-click messages that help reinforce anti-phishing awareness training. Administrators can also define workflow policies for groups or individuals that determine if or when web input field restrictions can be relaxed. With zero dependency on on error-prone threat detection methods, such as data analytics, Menlo Security Phishing Isolation is the only email security solution that protects every email user the instant it’s deployed.

Diagram_2_DS_HTML_page.png

Phishing Isolation Key Benefits

  • Protects against phishing and eliminates drive-by exploits through isolation of all email links. MSIP Phishing Isolation provides the industry’s only solution that delivers protection from credential theft, while eliminating 100% of drive-by malware exploits.
  • By opening email links in safe isolation sessions, MSIP protects against targeted spear-phishing and drive-by exploits without relying on error-prone threat detection.
  • Requires no end-point software or appliances, and easily integrates with existing mail server infrastructure. MSIP Phishing Isolation is the first cloud-based (public or private) solution with zero dependency on end-point software or appliances. It integrates easily with existing mail server infrastructure such as Exchange, Gmail, and Office 365.
  • Provides user-behavior stats and customizable training reinforcement that enable teachable moments. Because web sessions pass through the isolation platform, MSIP Phishing Isolation can provide visibility into user behavior, helping administrators determine which users are clicking on potentially risky links. Even if users do click on malicious links, all sites are safely isolated and have input-field restrictions. Administrators can use this information to create teachable moments by providing configurable, real-time warning messages which offer additional corporate phishing-awareness training.

Summary

As phishing becomes an increasingly popular method for cyber criminals to distribute malware, the Menlo Security Isolation Platform (MSIP) provides the industry’s only Phishing Isolation solution delivers protection from credential theft, while eliminating 100% of drive-by malware exploits.

MSIP Phishing Isolation uses web isolation to protect end users from malicious email links that can cause malware infections or lead to phishing sites. With this unique approach, users can safely view sites with input-field restrictions, while configurable messages provide additional corporate phishing awareness training. MSIP Phishing Isolation requires no end-point software or appliances and easily integrates with existing mail server infrastructure such as Exchange, Gmail, and Office 365.

Highlights

  • Eliminates drive-by exploits by isolating all email links
  • Stops credential theft
  • Reinforces phishing awareness training with real-time, customizable, and dynamic end-user education messages
  • Simplifies security infrastructure, requires no end-point software or appliances, and easily integrates with existing mail server infrastructure

Phishing Stats-at-a-Glance


  • Phishing is the most common targeted method of cyber attacks1
  • Nearly 50% of users open emails and click on phishing links within the first hour2
  • 12% of users click on suspicious links or attachments despite training2
  • Increasing volume and sophistication of phishing attacks are resulting in downtime and direct financial fraud3
  • The main perpetrators for phishing attacks are organized crime syndicates and state-affiliated actors3

1 Gartner's Fighting Phishing: Optimize Your Defense (Published 17 March 2016)
2 Verizon's 2015 Data Breach Investigations Report
3 Verizon's 2015 Data Breach Investigations Report

contact us

To find out how your organization can eliminate the threat of malware with no impact on user experience.