Email Security Blog

TAG Cyber Investigates the INKY Banner

Distinguishable product characteristics grab your attention. Tiffany’s signature blue box and the red telephone booths of Great Britain come to mind. At INKY, even though we’re in the business of email phishing prevention, we have a very distinguishable feature as well. It comes in three colors and is recognized every day by thousands and thousands of people. In the world of cybersecurity, it’s known as the INKY banner.

Recently, the INKY banner caught the eye of TAG Cyber, an industry leader in cybersecurity research.

TAG Cyber took a deep dive into the subject of email banners, gaining a thorough understanding of how they work and the benefits they deliver. In short, we all know that in order for a phishing attack to be successful, someone on the receiving end has to set that threat into motion. Sometimes that means the unsuspecting recipient opens a malicious email and inadvertently inputs login credentials which are immediately delivered to the hacker in a credential harvesting scheme. Other times they might approve a set of payments because they believe the email came from one of the company executives when, in actuality, it’s a classic case of CEO impersonation. Even more worrisome, with the sophistication of today’s cybercriminals, many of the worst phishing attacks started with just a simple click of the mouse.

In a recent report, TAG Cyber discusses INKY’s position in the email phishing security stack, noting that “INKY’s deployment has been developed to complement SEG usage and to provide useful security assistance to existing infrastructure.” This allows INKY to find hard-to-detect phishing emails that the Secure Email Gateway (SEG) has missed. Using a number of intelligent machine learning algorithms, INKY then identifies abnormalities in emails, even if the threat has never been seen before. INKY then applies the subtle INKY banner to each email in order to communicate or alert the recipient of the phishing threat level.

Each INKY banner is assigned one of three colors – grey means safe, yellow is for caution, and red warns the user that danger is ahead. If a recipient has a yellow or red banner on an email it will come with additional information, depending on what INKY has seen…and INKY sees everything!

Some examples of different alerts include:

  • Brand Impersonation
  • Spoofed Internal Sender
  • Bitcoin Blackmail Scam
  • Phishtank URL
  • Malware Attachment
  • Reported Phish
  • First Time Sender
  • Invalid Sender
  • Misleading Link
  • Confusable Domain
  • Free Web Hosting URL

According to the company’s founder, Ed Amoroso, trusted email banners “can significantly improve the likelihood that inbound email messages, including phishes, will be handled appropriately by recipients”. TAG Cyber goes on to recommend a three-step process for all enterprises to consider taking in order to determine if banners might be a useful extension of their email phishing security plans.

As more and more companies turn to INKY for their email security needs, the INKY banner is growing in popularity, becoming a widely recognized tool in the fight against phishing.

We encourage you to read TAG Cyber’s full report, entitled Understanding INKY: Using Trusted Banners for Email Security Awareness. Then, feel free to schedule a free demonstration to see how INKY can become your trusted email security solution.

----------------------

INKY® is the most effective hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and a finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.

Topics: