Typically, anti-phishing protection is a hammer that views every malicious site as a similarly-sized nail. It discovers a phishing site, slates it for removal, and eventually removes it from the internet so that users can’t click on or enter their credentials into it. However, as far as the anti-phishing solution is concerned, every attack has the same exact urgency and risk classification. This is because there is no way to know the extent of whether a given phishing site is luring more victims than any other one. A bank or enterprise has no visibility into whether the phishing site they are currently working on eliminating has victimized thousands of users or none at all. How can organizations allocate anti-phishing resources efficiently without this crucial data?
In an ideal world, every detected phishing attack could be removed instantly regardless of victim count. But in practice, security is a series of tradeoffs, culminating in the need to mitigate the greatest amount of risk with the fewest available resources. If you try and defend against every potential risk factor all at once, you may be focusing on too many threats with a low risk level at the expense of leaving more dangerous attacks live in the meantime. Most anti-phishing solutions simply can’t tell when individual attacks are raking in a critical mass of customers, and this hampers their ability to effectively limit the financial losses of phishing threats.
To remedy this, last year, Cyxtera introduced the Victim Insights feature as part of its Digital Threat Protection solution. Version 1.0 allowed Cyxtera customers to see which phishing sites were trapping the most victims so that organizations could prioritize those sites for mitigation and removal. In addition, the first version of Victim Insights provided actionable intelligence on phishing attack victims’ IP addresses, countries, and phishing site visit logs. Watch this short video to see Victim Insights in action.
Cyxtera is proud to announce that Victim Insights has now been enhanced to include even more data about end users targeted by phishing attacks. Version 2.0 of Victim Insights now includes information about the specific credentials users entered into phishing websites to identify themselves, such as usernames and email addresses. With this latest addition to Victim Insights, our customers now have the tools they need to blunt phishing’s hook. Armed with information about which users have fallen victim to phishing attacks, organizations can now mitigate their effects against those users almost immediately. Enabling near-instantaneous phishing attack mitigation for particular users will further discourage hackers from targeting your organization, as the costs associated with attacking such a fortified organization will discourage future attacks and force cybercriminals to look elsewhere for easier prey.
For more information on Victim Insights and the Digital Threat Protection suite, click here.