Phishing Will Continue to Wreak Havoc in 2021—Make Sure You’re Ready

The number one cause of a cybersecurity breach is phishing, and this year the average cost of a corporate breach was $2.8 million, making phishing big business.

Yet, many organizations do not see phishing as their biggest concern and do not use the latest technology to defend themselves against 2.0 phishing attacks.

In July, SlashNext Threat Labs reported a 30% increase over 2019 as phishing threats grow to over 25,000 a day. However, as the year comes to a close, that number grew to 35,000/day by early December and now is well above 50,000/day.

Phishing attacks are growing because they are no longer just an email problem. The problem has expanded to SMS/iMessage, social networks, collaboration platforms, videoconferencing, and gaming services. Cybercriminals use fake login scams, scareware tactics, fraudulent ads, and rogue software downloads as attack payloads.

Mobile users are particularly vulnerable because of small screens, users’ mistakes, and invisible URL strings hiding the address. With iPhone, users are 18x more likely to get phished than to download malware. The stakes are high for mobile and endpoint security vendors to make sure they detect and block these zero-hour attacks. Still, these fast-moving threats are taking days to appear in threat detection engines, leaving the cybercriminals an eternity to wreak havoc on remote workers.

SlashNext uses virtual browsers and machine learning to identify over 40,000 unique phishing URLs a day with patented technology that identifies zero-hour phishing threats, hours and sometimes days ahead of the leading threat detection engines. SlashNext tested several malicious URLs to see if VirusTotal or other threat feeds discovered and blocked those attacks, as demonstrated in this blog post. Of the URLs that we found, VirusTotal and many other engines still reported them clean four days later, despite the fact they were still active. Learn how SlashNext stays ahead of the competition in this video.

Protecting remote workers from today’s sophisticated attacks requires a phishing protection toolbox that takes a Zero-Trust approach covering several attack vectors and goes beyond URL inspection and domain reputation.

 

Harness the Power of SlashNext 2.0 AI Phishing Defense

 SlashNext’s patented behavioral phishing detection technology uses millions of virtual browsers to detect unknown threats with unmatched accuracy. SlashNext’s AI Phishing Defense is a scalable, cloud-based threat detection technology that uses computer vision, NLP, and OCR, to dynamically inspect page contents and server behavior. Sophisticated machine learning algorithms and virtual browsers perform rich analysis to accurately detect zero-hour phishing threats and numerous enrichment artifacts.

This unique combination of techniques sees through evasion tactics and accurately detects phishing pages, even those hosted on compromised websites and legitimate infrastructure. It also follows through on all URL re-directs and performs run-time analysis on the final page of multi-stage threats.

With growing enterprise mobility requirements plus higher numbers of remote workers, properly securing mobile and remote users is causing security teams to rethink their endpoint security strategies. To see how you can protect your remote workforce from the growing number of sophisticated phishing threats, try SlashNext Mobile and Browser protection free for 14 days.

Blog Subscription

It’s Time to Get Started with SlashNext

Experience the difference with broad phishing threat coverage and automated delivery.