URL Defense is Becoming An important Part Of Cyber Security
With the meteoric rise in targeted phishing attacks, one fact has remained constant: they all start with email. Spam filters block spam – more than 99.95% of it. While only 1 out of 2000 spam emails would get through to pester your colleagues, targeted phishing is its own beast, and requires its own protection. Often sent to known, specific users and carefully masked to appear legitimate, they are often meant to carry out BEC attacks, phish for credentials or deliver malware – and that’s where malicious links become so dangerous. 1 In 10 employees will click on a malicious link, and links or hosted content can also become malicious after they are delivered via email, meaning they pass a conventional/gateway scan and rest in your inboxes. This is why URL Defense is becoming increasingly integral to a cybersecurity plan.
Since we get so many questions on it, we thought we’d deliver a primer on why t/his fact makes URL Defense so critical for email security today, and what makes the value of our time-of-click URL Defense so different from that offered by legacy vendors.
What is URL Defense?
In a targeted phishing email, the attacker will send and test 1000’s of messages to come up with a perfectly legitimate looking and effective email. They will test everything. Subject lines, reply-to and header from addresses, and all the fine details that go into a perfectly illegitimate email. The goal is nearly singular – they need you to click on a link, reply with targeted information, or follow their instructions without thinking. (Imagine, a reply to a long lost prince used to be enough.)
With HTML email, you can view the destination of a link before clicking (by hovering over it, for example), but if you are doing so, you are probably not in the 10% who would click on a malicious link. URL Defense is a solution for those who might click the link and without knowing where it actually leads (read: the majority of users), submit a password (could this have saved the DNC?) or download malicious spyware, ransomware or other executable software and lose control of their device entirely.
How does URL Defense work?
URL Defense rewrites destination URLs as they pass through your email gateway, allowing any click to be routed through the product at the time its clicked, giving an up-to-the-moment picture of whether a URL is malicious or not and whether a user should end up at the destination.
With URL Defense, before you land on the destination URL, many factors are taken into account to gauge the risk of the destination as malicious. A range of factors are accumulated, and the result is scored. Factors include: Alexa Rankings, Email Velocity, sender reputation, previous gathered data about other malicious links and more. URL Defense will also scan the destination website for malicious code or redirects to other malicious sites.
If a website is deemed malicious, the user is blocked from access, and they can’t circumvent it without contacting the system admin. Users will rarely notice a difference, except that they may see rewritten URLs while hovering over the emails HTML links.
What Does URL Defense Protect Against?
Threats that start with a link contained in an email body are addressed with URL Defense. This addresses a rapidly growing threat – for instance, phishing attacks using malicious URLs rose more than 600% in Q3 2017, when measured year-over-year.
Ransomware, Targeted Phishing, drive-by downloads and more are all are often initiated with a malicious link. What’s more, URL defense stops this from happening no matter the device, because the link will be delivered rewritten no matter the email client used to access and click on the link.
URL Defense is an essential cornerstone of any email security strategy. It dramatically reduces the ability of both targeted threats to infiltrate your organization and more random attacks to take advantage of user inattention. It’s also easy to implement, manage and has a great return on investment, and has no impact on your employees productivity – except of course in how it maintains a safe working environment and keeps email secure, so they can continue their work uninterrupted by email threats.
- Proofpoint’s threat report from Q3 2017 shows the growing need for URL Defense.
- Check out our URL Solution and get a deeper look at the features to expect in a URL Defense solution.
- Download our modusCloud URL Defense Datasheet Here.