Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Top Email Protections Fail in Latest COVID-19 Phishing Campaign
[Montalbano, Elizabeth. "Top Email Protections Fail in Latest Covid-19 Phishing Campaign." Threatpost, April 1, 2020, www.threatpost.com]

“Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections (ATPs), researchers have found.”

“The emails evade basic security checks and user common sense in a number of ways, to circumvent detection and steal the user’s Microsoft log-in credentials, he said. They also don’t include specific names or greetings in the body of the messages, suggesting they are being sent out to a broad target audience, according to Cofense.”

“While these secure email gateways (SEGs) are designed to safeguard end users from clicking on malicious links and attachments, both failed in a new phishing attack we recently observed,” Mahdavi wrote in the post.”

Sophisticated phishing emails are designed to penetrate through traditional gateway solutions because of their inherit weakness, which is, to prevent delivery latency in email production, analysis needs to be fast and not too deep. RevBits Email Security is designed to stop sophisticated phishing emails by supporting by closing the gap between the outer layer of email security and the users’ inbox. Operating at the client-side, RevBits Email Security conducts powerful-deep analysis on each users’ emails without creating latency. Some of the unique features which provide for superior detection of sophisticated phishing emails are:

  • Email security analysis is conducted at the user endpoint-complete analysis without latency

  • Scaled email security–keep the gateway and add RevBits Email Security to the security stack

  • Patented methodology for detecting page impersonation attacks

  • Thorough DKIM, DMARC, SPF verification

  • Blacklist IP addresses from threat countries.

Related Insights

RevBits Detection and Response Engine Blocks All Exploits Before the Attack Chain Begins
November 15, 2022

RevBits Detection and Response Engine Blocks All Exploits Before the Attack Chain Begins

The idea behind a home security system is to deter break-ins and subsequent theft and malicious damage. We hope the ear-shattering alarm and implied promise of police intervention will be enough to cause criminals to flee before entering. Unfortunately, regardless of protective measures, many savvy thieves can breach your system and inflict a great deal of loss and harm in a short time and still evade authorities.

Email Phishing Training and Anti-Phishing Tools Matter Most Before the Holidays
May 13, 2022

Exterminate Cyber Pests with RevBits Award-Winning Deception Technology

Most homeowners have had to deal with a pest problem at some point. In addition to the mess their intrusion may create, they can also cause a great deal of damage. Trying to determine their access point can be a tricky endeavor. You can attempt any number of lures and traps; sometimes with success. But the truly insidious and elusive pest will require the services of an expert.

Difference Between Sandbox and Honeypot Security
March 03, 2020

The Difference Between Sandbox and Honeypot Security Technology

When it comes to cybersecurity, different tactics emerge on a daily basis, which can make it difficult to keep up with current trends. Sandboxing and honeypot security are two cybersecurity tactics that are constantly evolving but can be confused. These two technologies are quite different and both offer valuable solutions to various cybersecurity issues. By understanding the differences in these two technologies, businesses can be sure they have the right solution for their cybersecurity needs.

Contact Details

Contact RevBits

Message icon Request a Demo