Here at Graphus we’ve seen a rapid increase in number of cybersecurity vendors and MSPs/VARs signing up to use Graphus® to protect their own organization from highly targeted, zero-day cyber attacks. We couldn’t be more excited and proud that the vendors that are relied on to protect organizations of all sizes, all over the world, are coming to Graphus to protect themselves against socially engineered attacks.
Just this week alone, we’ve seen multiple phishing, executive spoofing, and drive by download attacks detected and remediated by Graphus® for our cybersecurity customers. One attack in particular, stood out. This was a phishing attack against a managed security service provider (MSSP) who also uses a leading secure email gateway (SEG). (note: Graphus® coexists with SEG and can be used as an added layer of security.)
The message sent to the recipient what looked like from one of their partners asking them to review a document. If they clicked on the link, they were asked to login into their Microsoft Office 365 account.
Fortunately for this security vendor, and their organization, the recipient never clicked on the link because Graphus® detected this message and applied the EmployeeShield™, our interactive warning banner, to the message.
So why did this attack stand out versus all the others Graphus®detected this week? This is because:
- The organization is also leveraging a leading SEG and this highly targeted attack slipped past their detection
- This was a zero-day attack. The site was literally minutes old when Graphus® detected the phishing attack.
- The site leveraged SSL, which, as we’ve written about before, is no longer a sign of a legitimate/secure site.
- It took this SEG several hours to detect this URL and block the site. According to many studies most harm happens in first 10 minutes of receiving an attack. An exposure of hours is devastating to the security posture of the organization.
Zero-day attacks can be devastating to an organization. For a phishing site, like this one, to go undetected for hours leaves businesses in an extremely vulnerable position. Every second counts and it only takes one employee to click on a link or provide their credentials for the damage to be done. Don’t let this happen to your organization. With our patented AI technology, the TrustGraph® and EmployeeShield™, Graphus® detects attacks in real-time, drastically reducing the risk for your organization.