{"id":15693,"date":"2019-11-26T19:43:11","date_gmt":"2019-11-27T00:43:11","guid":{"rendered":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/?p=15693"},"modified":"2022-10-14T18:27:35","modified_gmt":"2022-10-14T22:27:35","slug":"allure-security-unveils-anti-phishing-solution-to-protect-customers","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/allure-security-unveils-anti-phishing-solution-to-protect-customers.html","title":{"rendered":"Allure Security Unveils Anti-Phishing Solution to Protect Customers"},"content":{"rendered":"\n<p>Founded in 2009 by Columbia University Professor and cybersecurity researcher Salvatore Stolfo, Ph.D., <a href=\"http:\/\/www.tmcnet.com\/query\/SearchResults.aspx?searchstring=Allure+Security&amp;type=phrase&amp;stem=True&amp;phonic=False&amp;fuzzy=0&amp;feeds=True&amp;area=0&amp;sort=date\">Allure Security<\/a>\u2019s mission is to improve early detection of web spoofing as part of an orchestrated phishing attack, protecting customers from fraud and preserving the enterprise\u2019s brand reputation. The company just <a href=\"http:\/\/www.tmcnet.com\/usubmit\/2019\/11\/26\/9060106.htm\">announced <\/a>the availability of its new website phishing detection and response capability. Built on patented beacon technology, Allure\u2019s SaaS alerts security teams in real-time when cybercriminals build spoof versions of their customer-facing websites as part of a phishing attack. Allure empowers organizations to be more proactive before a phishing scheme has the chance to succeed, protecting the private credentials of customers and keeping the company\u2019s brand reputation intact.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"665\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Allure-Security-team.jpg\" alt=\"\" class=\"wp-image-15696\" srcset=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Allure-Security-team.jpg 1000w, https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Allure-Security-team-768x511.jpg 768w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><figcaption>The Allure Security team<\/figcaption><\/figure>\n\n\n\n<p>As more transactions between all types of businesses and their customers move online, the opportunity for attackers to steal credentials and other valuable information through phishing attacks continues to grow. The Center of Applied Internet Data Analysis (CAIDA) estimates that 30,000 web spoofing attacks are launched each day, with the goal of tricking consumers into giving up their login credentials used to access legitimate websites. Making matters worse, phishing is becoming more sophisticated and difficult to spot, even for the trained security professional. Recent attacks have even successfully bypassed 2FA systems. This not only puts consumer data at risk, but it also damages the reputations of companies whose websites are spoofed.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"398\" height=\"398\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Salvatore-Stolfo.jpg\" alt=\"\" class=\"wp-image-15694\" srcset=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Salvatore-Stolfo.jpg 398w, https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Salvatore-Stolfo-90x90.jpg 90w, https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/Salvatore-Stolfo-300x300.jpg 300w\" sizes=\"(max-width: 398px) 100vw, 398px\" \/><figcaption> Salvatore Stolfo, founder and CTO of Allure Security <\/figcaption><\/figure><\/div>\n\n\n\n<p>\u201cCurrent approaches to detect and mitigate phishing attacks are\nfalling short. Enterprises have plenty of solutions for employees&#8211;email\nsecurity filtering, employee training, DNS monitoring, and sophisticated\nwebsite proxy systems. Unfortunately, none of these can help protect their\ncustomers, who are often the real victims of phishing. Enterprises are left to\nrely on domain monitoring for spoof websites, which is slow, reactive, and\nunreliable,\u201d explained Salvatore Stolfo, founder and CTO of Allure Security.\n\u201cAllure\u2019s innovative product directly addresses the problem of customer\nphishing by actively detecting each customer access to the spoof website in\nnear real-time. Furthermore, Allure helps enterprises take down malicious\nsites, and even helps launch an active defense that devalues stolen customer\ncredentials by flooding the adversary with fake information.\u201d&nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Allure\u2019s approach is to embed its patented beacon technology into the code of a company\u2019s customer-facing website. When an adversary scrapes a legitimate website to launch a spoof version, these beacons are activated, sending real-time alerts to the company\u2019s security team and collecting information about each access to the site. Security teams can immediately start the takedown process, and they\u2019ll know the scope of the impact on their customers. They may even be able to tell, with some analysis, which customers were impacted by the attack.\u00a0<\/p><\/blockquote>\n\n\n\n<p>Using Allure\u2019s patented deception technology, defenders can take their response strategy even further to disrupt the economic advantage that hackers have when orchestrating a phishing attack. Thanks to advances in machine learning, Allure can generate and inject decoy credentials into a spoof website, convincing an attacker that their scheme has worked and a customer has entered their login credentials. But in fact, these are highly convincing decoys with no value to the adversary. Leveraging decoy technology devalues the stolen credentials and creates uncertainty on the part of the attacker.<\/p>\n\n\n\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\nhttps:\/\/www.youtube.com\/watch?v=O9ya-pJxzyY\n<\/div><\/figure>\n\n\n\n<p>We applaud the company and their amazing approach to cybersecurity. By devaluing entered information, they truly reduce the value of stolen information which could already be suspect as it is being purchased anonymously on the dark web.<\/p>\n\n\n\n<p><strong>See the only cybersecurity vendors that&nbsp;<a href=\"https:\/\/www.itexpo.com\/east\/exhibitor-list.aspx\">matter&nbsp;<\/a>at the&nbsp;<\/strong><a href=\"http:\/\/www.itexpo.com\/\"><strong>ITEXPO<\/strong><\/a><strong>&nbsp;#TECHSUPERSHOW.<\/strong><\/p>\n\n\n\n<p><strong>Join others with $8.5B+ in IT buying power who plan 2020 budgets! Including 3,000+ resellers!<\/strong><\/p>\n\n\n\n<p>A unique experience with a collocated&nbsp;<a href=\"https:\/\/www.theblockchainevent.com\/\">Blockchain Event<\/a>,&nbsp;<a href=\"http:\/\/www.sdwanexpo.com\/\">SD-WAN Expo<\/a>,&nbsp;<a href=\"https:\/\/www.aiopsexpo.com\/\">AIOps Expo<\/a>&nbsp;and&nbsp;<a href=\"http:\/\/www.mspexpo.com\/\">MSP Expo<\/a>\u2026<\/p>\n\n\n\n<p>Feb 12-14, 2020, Fort Lauderdale, FL.\u00a0<a href=\"https:\/\/www.itexpo.com\/east\/registration.aspx\">Register now<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"640\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/itexpo-techsupershow-2019.jpg\" alt=\"\" class=\"wp-image-15557\" srcset=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/itexpo-techsupershow-2019.jpg 1000w, https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/11\/itexpo-techsupershow-2019-768x492.jpg 768w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Founded in 2009 by Columbia University Professor and cybersecurity researcher Salvatore Stolfo, Ph.D., Allure Security\u2019s mission is to improve early detection of web spoofing as part of an orchestrated phishing attack, protecting customers from fraud and preserving the enterprise\u2019s brand reputation. The company just announced the availability of its new website phishing detection and response<\/p>\n","protected":false},"author":44,"featured_media":15695,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[156],"tags":[2589,1796,270,1839],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/15693"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=15693"}],"version-history":[{"count":1,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/15693\/revisions"}],"predecessor-version":[{"id":15697,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/15693\/revisions\/15697"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media\/15695"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=15693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=15693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=15693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}