The phishing problem is getting worse by the day.
A city in Florida was just forced to pay $600,000 to hackers thanks to a single email which was clicked on by an employee. Systems were subsequently locked up – backups couldn’t solve the problem so they were forced to pay a ransom. It is unclear if the data was ever unlocked at this point.
Over the past decade, it is likely, U.S. businesses have lost over $3 trillion and counting thanks to cyberattacks.
In addition – if you follow our Twitter feed you know hackers are not only using target marketing in their phishing attacks, they also use HTTPS whenever possible. In short, hacking is becoming a real business in the sense they are using all the tools a legit business uses.
There are numerous ways to tackle the problem such as Valimail which we reported on earlier today.
Another great solution comes from SlashNext. We really like their solution because it looks at the web pages the hackers set up to get you to enter your information. It uses AI to determine if the page is malicious.
The idea is, by identifying these malicious pages, they can determine what people should not click on.
You may be thinking that your organization has already spent a lot of money on cybersecurity – why do you need any more tools?
SlashNext CMO Jan Liband explains where his company fits in.
In an exclusive interview he said:
SlashNext is in the cybersecurity area with a specific focus on real-time anti-phishing technologies. An enterprise of decent size has a multilayered strategy consisting of antivirus, end-user training and firewalls. The bad guys know this and have found ways around these solutions. What we try to do, is to close those gaps that exist in the multilayered defenses of an organization.
He continued, “We have a malicious website detection technology and a cloud system with computer vision and AI. We can give a thumbs up or down on whether it is a phishing site or not.
The output can be fed into firewalls to block users from going to infected sites.
Jan explained attackers are getting better at hiding their malicious payloads. They often use numerous redirects from an initial URL which seems fine like from Amazon.
Here is the big challenge. He said, “The percentage of phishing sites are on compromised domains has skyrocketed. They use local business websites and host pages there.”
Hackers can buy logins to business websites on the dark web. He went on to say it used to be common to post pages on compromised sites for a day but now – a malicious actor will upload the page until it is clicked on and then take it down 20 minutes later.
The company’s products are Real-Time Phishing Threat Intelligence, Targeted Phishing Defense and Incident Reporting.
SlashNext is working on remote user phishing as its next area of growth. In-browser extensions will protect remote workers who don’t use VPNs. In addition, the company is working on apps for iOS and Android.
Let’s get back to our headline. “Eliminate Phishing with SlashNext.” There is no way to 100% guarantee the elimination of anything but we believe we are at least capturing the goal of this and other cybersecurity solutions.
We have also put together cybersecurity best practices for every organization. We urge you to read the document and live by it.
Learn about the latest in everything you need! Cybersecurity, the Channel, IT, IOT, Edge, AI, SD-WAN, and the Future of Work at the world’s only MSP Expo, part of the ITEXPO #TechSuperShow, Feb 12-14, 2020 Fort Lauderdale, FL.