Dealing with phishing attacks from email is one of the
largest challenges facing security teams and systems analysts all over the
world. There is a plethora of different vendors and different technologies out
there that promise to be able to stop threats like phishing, ransomware and Business
Email Compromise coming from email. But the fact remains that most technologies
fail to stop phishing emails from making it into user inboxes.
Menlo Security offers protection against these threats with
Browser Isolation. They have developed a technology that they promise can
remove up to 99% of data breaches impacting an organization.
This article will cover why organizations are at risk from email attacks, what Browser Isolation is, and how Menlo Security can protect businesses against phishing.
Why are businesses at risk from phishing attacks?
In the last few years email has grown to be the most popular
and most lucrative attack vectors for cyber criminals, bad actors and hackers.
This is largely because email is so ubiquitous as a communications tool and
because technologies designed to protect businesses against email threats are
unable to stop them from reaching users’ inboxes.
Phishing attacks aim to trick users into clicking on a
malicious link or downloading a malicious file attachment. These attacks are
often highly targeted and are becoming more sophisticated, making it difficult
for even the most security conscious users to spot a phishing email from a
Email Security technologies find it difficult to detect
these threats because they often do not appear to be obviously malicious. Email
Security solutions typically utilize third party threat intelligence to
determine if email attachments or URLs are malicious. If the threat is a new
‘zero-day’ threat, which is not flagged by the filters, the email will be
delivered to email inboxes.
The risk from phishing attack have meant businesses have
needed to invest more heavily into more advanced email security solutions, and
into security training for their employees. This is crucial to meet compliance
regulations and help to protect data and employees.
However, Browser Isolation is a new security approach which
aims to help businesses deal with the threat of phishing attacks.
What is Isolation?
Isolation is a new approach to business security, which
moves away from a model of detecting cyber security threats and blocking them.
Instead, all web content is fully isolated on secure servers, and rendered to
users. This removes threats from malicious web pages, and file downloads from
reaching user’s devices and business networks. The main aim of Browser
Isolation is to provide complete protection against web based threats while
keeping a seamless user experience while browsing the web.
Isolation delivers a remote browser to their users, which is
hosted on a physically isolated server built to handle cyber risks. This means
that end users can continue to use the web without disruption, able to view
dynamic web pages as they normally would, and use controls such as copy, paste
and print. It normally does not require any endpoint clients or software to be
installed, is quick to deploy and is scalable.
Menlo Security provides an Isolation service. It renders dynamic web pages to users that isolate all web based threats including malware, viruses and ransomware. It also protects against malicious downloads, by giving users a fully safe rendered version of any web based downloads.
How can browser isolation stop Phishing Attacks?
Browser isolation can protect users against phishing attacks in two ways.
Email Link Isolation
All web content is isolated away from the user device and executed in a cloud isolation platform. This means that any malicious links delivered within email are scanned and isolated, so that only safe and authorized content are delivered to end users.
In addition, based on admin policies that have been set, URLs that are classified as risky or unknown are opened in a ‘read-only’ mode, which means that users cannot input any text on the page. This alleviates the threat of credential theft, by stopping users from filling out forms on unsecure web pages. Some vendors will also display warnings on malicious web pages, which helps to train users on what a phishing page looks like and helping them stop making a similar mistake again.
Email Attachment Isolation
Market leading browser isolation vendors will also isolate contents in email attachments. This means that when a user receives an email with an attachment, the document can be viewed with 100% safety in Isolation, without disrupting the end user experience. This helps to prevent any malware or ransomware infecting business networks from email phishing attacks.
The document can be viewed as normal by users, but any threats will be fully removed. Admins can also give users the ability to download a safe, macro-free version of the document, which means users have no workflow disruption without any threats being able to enter the business network.
Isolation provides businesses with an effective way to block
phishing attacks, by isolating threats within URLs and attachments. This is a
whole new approach to the phishing problem, moving away from the angle of
detecting threats, and towards a ‘zero-trust’ approach of using Isolation to
remove the threats entirely.
If you’re interested in reading more about the different Isolation vendors on the market, visit our Browser Isolation category.