Contact Us




Change Locale

Phishing Attack Shut Down in 19 Minutes with Cofense Triage

Uncategorized | Posted on August 14, 2018 by schap

Imagine a cunning phisher: he knows his craft and sends your users an email appearing to come from your CEO that bypasses all your other technology. What would you do?

One of our customers faced that very scenario and relied on Cofense TriageTM and the Cofense Phishing Defense Center (PDC) to analyze and respond to the attack in less than 20 minutes after it launched.

The phishing email was sophisticated.

The customer, VP of Information Security for a healthcare company, leverages Cofense Triage, managed by the PDC, to automate analysis of suspicious emails reported by employees as well as phishing attack response.

“An attacker sent an email that showed he’d really done his homework,” said the VP. “The email looked and sounded exactly as though our CEO had sent it. The attacker had clearly gone to our website and noticed our ethics policy. Mimicking language on the site, the email reminded employees about the policy and, like the simulated election email we sent, asked people to click a link to agree they would follow the rules.”

But our customer was ready.

The link took them to a counterfeit Office365 page that asked for login credentials. The goal of the phishing attack was to harvest passwords, gain file system access and steer automatic payroll deposits into the attackers’ accounts. The email was highly believable, with several thousand recipients clicking on it.

Fortunately, within 60 seconds after the phishing attack began, employees trained through Cofense PhishMeTM reported the email so it could go straight into Cofense Triage for analysis. After escalating the incident and conducting a thorough investigation, the PDC called the customer, who blocked the phishing site, retracted the email, and stopped the rerouting of payroll.

“If we hadn’t been prepared, the damage would have been worse,” said the VP. “We were able to retract the email in under 20 minutes.”

Read the full case study for a minute-by-minute account. Besides learning more about Cofense Triage, you’ll see how this customer uses Cofense PhishMe to train employees to recognize phishes and Cofense ReporterTM to report them for investigation.

New Cofense Triage features now orchestrate even faster response.

As this customer’s story shows, Cofense Triage has always helped to find threats fast. Now, a series of updates accelerate response through seamless orchestration:

  • Our Who Else feature identifies users who click on reported emails, so you can quickly find and mitigate any damage.
  • Noise Reduction helps you cut through the noise of commercial emails to find real threats; put another way, it separates spam and the like from malicious emails, making the haystack smaller.
  • Our API makes it easy to integrate Cofense Triage with other incident response systems.

Together, these updates speed your ability to analyze emails and hunt down threats. Learn more about orchestrating a faster response to phishing.

This article was originally published here.

Related Articles

Innovation Executive Forum | September 13, 2019 by Karen Bader

Enterprises today understand the requirement to combat slow and low end-user adoption, especially when the solutions are intended to transform the way people work, as with new communications and collaboration tools. For years, Softchoice has been offering end-to-end, turnkey adoption services, helping businesses across North America unlock more value, quickly, from their key collaboration investments. […]

Uncategorized | August 28, 2019 by Susana Byun

Here are your top 10 must-read Microsoft announcements from August 2019 curated by Softchoice:

There are two kinds of cloud enterprises. Those that are “born in the cloud” — have come into being without ever owning a data center. And those that are migrating to the cloud, piece by piece, with varying senses of urgency and speed.