Email Security Blog

Spotting Zero Day Attacks Using Computer Vision

If you’re not familiar with zero-day attacks, count yourself lucky, especially considering that 75% of companies around the world experienced some kind of phishing attack in 2020.[1] In short, zero-day attacks exploit previously unknown vulnerabilities or weaknesses in software or applications, which cyber criminals take advantage of in order to steal data or infect systems with malware.

Much like ground zero signifies the location of a bomb, a zero-day attack signifies the point at which a new cyber threat was discovered. A zero-day attack has two parts – the zero-day vulnerability and the zero-day exploit. When news of a zero-day vulnerability is released, the hacker community jumps on the opportunity to attack their targeted organizations. The code used by hackers to take advantage of the zero-day vulnerability is known as the zero-day exploit.

Sadly, there is a demand for zero-day vulnerabilities on the underground black market. Cybercriminals trade exploit code and vulnerability information to break into systems and steal passwords and credit card numbers. Then, on the white market, researchers and hackers disclose vulnerability information to vendors, in exchange for money, so the vulnerabilities can be fixed.[2] One investigation found an underground market selling a zero-day exploit for $90,000. Experts said that price, while high, is not unreasonable, especially in cases of cyber espionage.[3]

Guarding Against Zero Day Attacks

By their very definition, zero-day attacks are difficult to prevent because the threat is due to an unknown, undiagnosed, or unaddressed security vulnerability. The most common way cyber criminals infiltrate a company’s security is through a phishing attack, and the hope is always that human error will come into play. To proactively stop zero-day attacks, organizations must have a well-constructed, layered email security solution. Traditional antivirus software won’t be effective because it is primarily designed to recognize known threats. Most Secure Email Gateways (SEGs) are also of little use in zero-day attacks because, while they’re fine for stopping spam and spotting some phishing attempts, they’re not equipped to recognize the sophisticated language cybercriminals use to bypass email security systems. What’s needed is the level of computer vision found in a third-party email security solution that sits downstream from the SEGs.

In less than two seconds, the computer vision present in INKY’s Phish Fence analyzes an email from the perspective of a machine and also with a human eye. For instance, some character sets may look like a normal alphabet on the outside, but underneath each letter is a number, or codepoint, that is vastly different from the alphabet presented. The SEGs see the alphabet and pass the email along to the recipient, unaware of what lurks beneath. However, when that same email passes through INKY’s Phish Fence, computer vision intervenes and compares the alphabet we see to the codepoints underneath. If the two don’t match up, INKY flags it as a dangerous phishing email.
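The codepoint comparison described above, as an added example (this is not INKY's code or method): it flags words that mix Unicode scripts or that reduce to a protected brand name once look-alike characters are folded to ASCII. The `CONFUSABLES` table, the function names, and the sample subject line are constructed for illustration.

```python
import unicodedata

# Small hand-picked sample of look-alike mappings, constructed for this example.
# Unicode publishes the full list as confusables.txt (not bundled with Python).
CONFUSABLES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
}

def script_of(ch):
    """Approximate a letter's script from the first word of its Unicode name."""
    return unicodedata.name(ch, "UNKNOWN").split()[0]

def skeleton(word):
    """Fold compatibility forms (NFKC), lowercase, then map look-alikes to ASCII."""
    folded = unicodedata.normalize("NFKC", word).lower()
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)

def inspect_word(word, protected_names):
    """Return findings for one word: mixed scripts and/or a spoofed protected name."""
    scripts = {script_of(ch) for ch in word if ch.isalpha()}
    findings = []
    if len(scripts) > 1:
        findings.append("mixed-script:" + "+".join(sorted(scripts)))
    skel = skeleton(word)
    if skel in protected_names and word.lower() != skel:
        findings.append("looks-like:" + skel)
    return findings

def scan(text, protected_names):
    """Map each suspicious word in text to its list of findings."""
    results = {}
    for raw in text.split():
        word = raw.strip(".,:;!?")
        found = inspect_word(word, protected_names)
        if found:
            results[word] = found
    return results

# Constructed sample subject line: the fifth letter of "Microsoft" is U+043E.
SAMPLE = "Your Micr\u043esoft account is locked"
if __name__ == "__main__":
    print(scan(SAMPLE, {"microsoft", "paypal"}))
```

A word written entirely in one non-Latin script, such as ordinary Russian text, is not flagged unless its skeleton collides with a protected name, which keeps legitimate international mail from tripping the check.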

There is a lot more to computer vision than meets the eye (no pun intended), and it’s also what differentiates INKY from its competitors. With the help of its computer vision, INKY can also catch color differentiations in fake logos, distorted brands, and more. When something suspicious like this occurs, INKY goes a step further and matches the email’s origin to all legitimate IP addresses for the sender. If there is something phishy going on, INKY will flag it.

INKY’s computer vision capabilities are nothing short of astonishing. And, coupled with sophisticated machine learning and artificial intelligence features, INKY can provide a level of email phishing security its competition cannot. INKY installs easily across any email platform and will protect your employees in the office and when working remotely on mobile devices.

To learn more about INKY’s computer vision capabilities, you might like to read Understanding Phishing: Computer Vision. Or, request a free demonstration of services and see for yourself what INKY can do to improve your email security and protect your company from zero-day attacks.

INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.