How much has your world changed in the past few months, due to COVID-19? Bustling corporate offices and crowded boardroom meetings feel like a thing of the past. Many of us had to quickly acclimate to working from home—setting up shop at the dining room table, logging onto video conference calls, sharing a workspace with a spouse or roommate, managing the pets, and even trying to juggle homeschooling a fourth grader.
Much in the same way that COVID-19 snuck into our lives, cybercriminals are armed and ready to sneak into your new world. It’s become such a problem that phishing scam warnings have been plastered on the websites of the U.S. Department of Homeland Security, the Center for Disease Control, the Federal Bureau of Investigations, and even the global World Health Organization. In fact, on March 31, 2020, Federal and State officials in West Virginia launched a Coronavirus Fraud Task Force and high on their list was investigating email phishing scams in which hackers posing as national and global health authorities trick people into downloading malware or providing personal and financial information.1
What does this mean? That there has never been a more important time to ensure your business and your employees are protected from cybercrime. But how do you go about selecting the best email security provider for your organization? To begin with, phishing threats are more complicated than ever before. Firewalls and traditional fraud alert software doesn’t hold a candle to the sophisticated cybercriminals lurking just around the corner from your company’s email platform. Even if you decide to take it up a notch and implement a respected email security solution provider, not all of them are created equal. Why? Because technology moves quickly and email security companies that are heavily invested in yesterday’s solutions can’t keep up. That’s why it’s so important to closely examine the real-life examples of what your email phishing solution can really do.
At INKY, we put it all out on the table. With literally hundreds and hundreds of great INKY catches to our credit, we have detected phishing threats that even our strongest competitors have missed. On top of that, we believe in the power of education. Not only does our email security software feature a series of banners that help train and educate your employees whenever a phishing threat arises, but we regularly break down complicated phishing emails so that our use of computer vision, artificial intelligence, and machine learning can be better understood.
In one of our favorite INKY catches, the attacker cleverly abused Cascading Style Sheets (CSS), which determine how HTML elements are displayed on a screen. In short, Secure Email Gateways (SEGs) scan each email for particular text sequences in order to determine if an email is malicious or safe. Hackers familiar with how SEGs work can use CSS tricks to hide text from these scanners. For example, in a deceptively designed HTML email, a line of text that would normally be flagged as suspicious is made visible to the end user while simultaneously hidden from the SEG using CSS chicanery. The result is that a malicious email slips right into the inbox of an unknowing recipient. Unless you have INKY, that is.
To gain a better perspective of this particular INKY catch, take a moment to read Understanding Phishing: Text Direction Deception! It’s a great way to learn more about phishing scams and see just how astute INKY really is.
INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.