Phishers bypass Microsoft 365 security controls by spoofing Microsoft.com

A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by Ironscales. It also led them to discover that Microsoft servers are not currently enforcing the DMARC protocol. “This is especially perplexing when considering Microsoft frequently ranks as a top 5 most spoofed brand year after year,” said Lomy Ovadia, the company’s VP of research and development. The phishing campaign The phishing emails … More

The post Phishers bypass Microsoft 365 security controls by spoofing Microsoft.com appeared first on Help Net Security.

IRONSCALES raises $8M to support email security research and development, accelerate growth

IRONSCALES announced it has closed an $8 million Series B extension led by Chicago-based venture and growth capital firm Jump Capital. The additional funding will add to the $15 million previously contributed by current investor K1 Investment Management.

IRONSCALES plans to use the funding to further accelerate its aggressive growth strategy through market expansion and ongoing research and development of its email security platform.

As a result of the partnership, Jump Capital Partner Saurabh Sharma will join the IRONSCALES Board of Directors. Saurabh leads IT Infrastructure and Application Software investments for Jump Capital and brings a diverse background in investing, operations and product management.

“Phishing remains one of the largest attack vectors for cybercriminals. Even though enterprises are investing heavily in cloud-native security infrastructure, they still rely on legacy secure email gateway products to fight increasingly sophisticated and socially engineered phishing attacks,” said Sharma.

“IRONSCALES is a recognized industry leader in anti-phishing for new-age cloud email ecosystems and its comprehensive self-learning security platform combines advanced machine learning with human intelligence to continuously evolve with the phishing landscape.”

In conjunction with today’s funding news, IRONSCALES also announced that it has hired Matthew McNulty as SVP of Worldwide Sales. McNulty joins IRONSCALES as a seasoned sales, operations and finance expert, previously working as SVP of International Sales at security awareness training and simulated phishing platform KnowBe4.

“While we weren’t actively seeking capital, partnering with Jump was too good of an opportunity for us to pass up,” said Eyal Benishti, IRONSCALES founder and CEO.

“With this Series B extension, and with Jump and McNulty on our team, we will be able to accelerate our marketplace momentum through investments in both people and technology, helping reduce the risk from what has become a global email phishing epidemic.”

Funding builds on IRONSCALES 2020 growth momentum

The news furthers what has already been a monumental year for IRONSCALES. Already in 2020, the email security leader has scaled its North American sales and marketing teams, expanded into new territories and unveiled a number of platform updates and new tools available to customers and partners.

IRONSCALES’ biggest 2020 announcements include:

  • An upgrade of Themis, IRONSCALES’ AI-driven virtual security analyst, which now has the ability to be fully autonomous in the classification and removal of email threats. With the tool, security analysts can now measurably increase the speed and accuracy of their email security through automated time-sensitive decisions on email threat mitigation.
  • The industry’s first Phishing Emulator, a fully automated solution that enables security professionals to evaluate their organization’s email security defenses by relaunching real-world, unmodified phishing attacks built to bypass secure email gateways and authentication protocols.
  • The deployment of natural language processing, which uses advanced machine learning and neural networks, to automatically detect and respond to the most common types of business email compromise (BEC) attacks.
  • The launch of an in-app chat tool that encourages the sharing of phishing threat detection and open collaboration within security teams and amongst the global community of security analysts.

IRONSCALES helps where e-mail security hurts the most – in the inbox with post-message delivery, detection and remediation. Through a self-learning platform that provides for fast, easy and seamless collaboration, IRONSCALES puts its customers on offense, empowering them to defend against sophisticated email attack techniques automatically in a proactive and predictive manner.

Using a democratized approach to threat intelligence sharing, IRONSCALES makes anti-phishing effortless and seamless for both security professionals and end users.

IRONSCALES Themis is now fully autonomous in the classification and removal of email threats

IRONSCALES, the pioneer of self-learning email security, announced that Themis, its AI-driven virtual security analyst, now has the ability to be fully autonomous in the classification and removal of email threats.

Since first being released in 2018, Themis has helped render verdicts against more than 100 million trending and zero-day phishing attacks, including some of the most complex techniques, such as polymorphism, business email compromise and ransomware.

Security analysts can now measurably increase the speed and accuracy of their email security by allowing Themis to make time-sensitive decisions on email threat mitigation without any human involvement.

“Themis is an invaluable resource with its autonomic capabilities,” said Vern Scoggins, CISO of IRONSCALES customer Polypore International. “We chose Themis because of the volume and level of sophistication of phishing emails is steadily increasing. The time it takes for an individual to analyze and respond to every phishing email is far too long.”

Themis is part of IRONSCALES self-learning email security platform, which gives end users and security professionals the right training, tools, and intelligence, to hunt, log, alert, analyze, and remediate phishing attacks. In total, the virtual security email analyst is now more than 93% accurate in resolving incidents, giving SOC teams overwhelming confidence in her ability to make decisions autonomously.

Themis accuracy-level has increased exponentially due to IRONSCALES’ approach of having humans and machines constantly working together. Specifically, IRONSCALES proprietary data labeling technology that assesses millions of technical data points is combined in real-time with human vetted decision making by security analysts.

This ever-evolving ecosystem or feedback loop has provided Themis with the unprecedented intelligence needed to render highly accurate verdicts on email security incidents.

With phishing mitigation, time is of the essence

Today, the majority of enterprise SOCs lack the dedicated resources to detect, investigate and respond to suspicious emails as quickly as phishing mitigation demands.

Additionally, the eruption of coronavirus has led to more employees across the globe working remotely, and cybercriminals are exploiting this dynamic with thousands of new attacks related to the virus, such as those purporting to deliver critical information from established sources like the World Health Organization.

To be effective against the growing email phishing threats, SOCs require both more automation and more human oversight. With Themis, IRONSCALES customers have access to the unique combination of artificial intelligence and real-time decision data from the world’s largest community of security analysts, now boasting more than 1000 analysts and counting.

“Themis is not just automated, it’s autonomic,” said Eyal Benishti, IRONSCALES founder and CEO. “Never before have SOC teams had access to the combination of patented AI and years of human experience, in one resource. Themis acts as another member of the team. Without anyone ever having to think about, much less interact with her, Themis does her job.”

Phishing is a huge concern among security decision-makers and influencers

A serious disconnect exists between how decision makers (i.e., CISOs, CIOs and CEOs), and security practitioners (i.e., IT managers and directors, security architects and security operations analysts) perceive phishing prevention, according to a research by Ironscales.

phishing prevention

The research is based on a detailed, cross-industry survey of 252 security professionals from the United States and the United Kingdom.

Among its key findings, the survey revealed that decision makers are four times more likely than security practitioners to consider email security the highest priority, suggesting that security personnel believe that they have a sufficient handle on phishing prevention while the C-Suite sees substantial business risk.

“The disconnect between security practitioners and decision makers is extraordinarily problematic for phishing prevention and incident response,” said Eyal Benishti, CEO at Ironscales.

“The cause for such a predicament – whether or not security professionals on the front lines don’t fully understand the long-term business impacts of a successful phishing attack or if the C-Suite is simply over-concerned – is irrelevant. What matters is that moving forward these two important constituencies get on the same page so that the proper time and attention can be allocated towards minimizing phishing risk.”

The survey revealed that there is a critical need for real-time threat intelligence to more thoroughly address the risk of phishing; that the security skills shortage is having a material impact on security teams’ ability to deal with phishing properly, and that most organizations are using several tools to combat phishing, with secure email gateways remaining the most common.

Key research findings

  • 24% of a 40-hour work week is spent by security analysts investigating, detecting or remediating phishing emails.
  • Only One in five organizations continuously updates and tweaks its corporate email security policies in a typical month.
  • Nearly three in five organizations train their users on proper email security protocols no more than twice per year, while only a third of organizations do so much more frequently (at least monthly or continuously).
  • More than 70% of organizations use only manual processes for reviewing user-reported phishing emails, making it far too labor and time-intensive to mitigate email threats at scale.

phishing prevention

Problems with phishing prevention

The survey also found that phishing emails continue to take organizations a substantial amount of time to detect, investigate and remediate. In total:

  • 70% of organizations take more than 5 minutes to remove a phishing attack from a corporate mailbox even though the average time-to-click is 82 seconds.
  • 75% of organizations cannot act on phishing intelligence automatically in real-time.
  • 90% of organizations cannot orchestrate phishing intelligence from multiple sources in real time in the context of their overall email security solution(s).

“The survey’s findings reinforce the significant challenges that email phishing attacks incur on organizations of all sizes,” said Michael Osterman, principal analyst at Osterman Research.

“Most immediately, decision makers and cybersecurity practitioners must work to overcome the disconnect that exists so that time, budget and resources can be properly allocated to reduce email phishing risk.”