When a user clicks on a link in an email and navigates to a site used as part of a phishing attack, two bad things can happen:
While many anti-phishing solutions largely rely on user training—with limited success—some solutions have incorporated workflow to re-write links in email so that potentially harmful sites are analyzed before the user is granted access. This approach is prone to false positives and false negatives, exposing users to drive-by downloads and data theft when they directly access malicious or compromised sites.
Phishing isolation with Menlo Security prevents phishing sites from delivering malware to endpoints and/or harvesting private information from users who click on phishing links. By isolating and executing user web sessions in the Menlo Security Isolation Platform (MSIP), phishing sites can be rendered harmless, eliminating the threat of malware and preventing users from entering data into un-vetted sites. The solution integrates easily with existing email infrastructure and provides an intuitive email experience. It requires no software or plug-ins on the endpoint and is compatible with any device, OS, browser and mail client.