Talkin Cloud Blog
Spear Phishing: Understanding the Need for Advanced Threat Protection

A friend and Nuvotera colleague, Daniel Norris, put together a fantastic blog post earlier this month digging into specific reasons to consider security when activating Office365. In the review, he discussed the embedded and inherent advanced-threat capabilities of our email protection packages. The post launched an internal debate about partner education and ways that we can better inform our end customers.

Even though services are often categorized together, not all threat management solutions are the same. This makes it really difficult for buyers. There are many options (sort of like comparing midsize automobiles), so buyers tend to suffer from information fatigue. Warranties, crash ratings and safety specs are just not all that impressive. Security concerns are often overlooked until you have a problem.

More sophisticated attacks

Earlier this week, Daniel’s support crew unpacked a threat issue—something that had gone completely undetected by the partner. An urgent FRAUD INCIDENT came across his desk (we get lots of them). In taking a closer look, he realized our systems had done their job, isolated the issue and alerted the user. This wasn’t general spam, but an extremely sophisticated phishing attempt designed for a single purpose: to extract money from a specific financial group. The fraudulent senders knew enough about the recipient’s business practices that they were able to visually recreate an everyday transaction request. 

Most “spam filters” rely heavily on reputation analysis. It’s a numbers game. A malicious sender sends thousands of messages, users react by labeling them as spam, and filters are updated to block them by content and IP address. Unfortunately, the most successful malicious senders are well aware of this practice and have changed tactics, targeting users directly. This is commonly referred to as “spear phishing.”

Spear phishing attacks identify potential recipients using social media, business verticals and data profiling. This focused effort is designed to bypass bulk detection. Delivery attempts are limited to a particular, predefined scope, creating much less volume. Unsuspecting users recognize a familiar sender and content. Messages are more likely to be opened and responded to.

Advanced threat protection

This is where advanced threat protection comes into play. Today’s threat landscape has evolved to include complex targeted attacks like the one described. It’s about gaining access to the information and the money, all equating to billions of dollars lost annually.

Businesses concerned about their overall security posture should be aware of their options. Many times, protecting the email environment requires a deeper look into what’s being offered. Thankfully, Nuvotera Partners (and end customers) already benefit from deep content analysis, DLP (data loss prevention), SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), global threat intelligence and TLS (Transport Layer Security) enforcement. That feature set should not be expensive, but instead built into a comprehensive threat management strategy. Unfortunately, not all email protection platforms are created equal.

It’s good to know I have a dedicated team here to help, educate and deploy the right solutions.

Eric Pinto is product manager at Nuvotera. Guest blogs such as this one are published monthly and are part of Talkin' Cloud's annual platinum sponsorships.

