Contact Us




Change Locale

Phishing Attack Shut Down in 19 Minutes with Cofense Triage

Uncategorized | Posted on August 14, 2018 by schap

Imagine a cunning phisher: he knows his craft and sends your users an email appearing to come from your CEO that bypasses all your other technology. What would you do?

One of our customers faced that very scenario and relied on Cofense TriageTM and the Cofense Phishing Defense Center (PDC) to analyze and respond to the attack in less than 20 minutes after it launched.

The phishing email was sophisticated.

The customer, VP of Information Security for a healthcare company, leverages Cofense Triage, managed by the PDC, to automate analysis of suspicious emails reported by employees as well as phishing attack response.

“An attacker sent an email that showed he’d really done his homework,” said the VP. “The email looked and sounded exactly as though our CEO had sent it. The attacker had clearly gone to our website and noticed our ethics policy. Mimicking language on the site, the email reminded employees about the policy and, like the simulated election email we sent, asked people to click a link to agree they would follow the rules.”

But our customer was ready.

The link took them to a counterfeit Office365 page that asked for login credentials. The goal of the phishing attack was to harvest passwords, gain file system access and steer automatic payroll deposits into the attackers’ accounts. The email was highly believable, with several thousand recipients clicking on it.

Fortunately, within 60 seconds after the phishing attack began, employees trained through Cofense PhishMeTM reported the email so it could go straight into Cofense Triage for analysis. After escalating the incident and conducting a thorough investigation, the PDC called the customer, who blocked the phishing site, retracted the email, and stopped the rerouting of payroll.

“If we hadn’t been prepared, the damage would have been worse,” said the VP. “We were able to retract the email in under 20 minutes.”

Read the full case study for a minute-by-minute account. Besides learning more about Cofense Triage, you’ll see how this customer uses Cofense PhishMe to train employees to recognize phishes and Cofense ReporterTM to report them for investigation.

New Cofense Triage features now orchestrate even faster response.

As this customer’s story shows, Cofense Triage has always helped to find threats fast. Now, a series of updates accelerate response through seamless orchestration:

  • Our Who Else feature identifies users who click on reported emails, so you can quickly find and mitigate any damage.
  • Noise Reduction helps you cut through the noise of commercial emails to find real threats; put another way, it separates spam and the like from malicious emails, making the haystack smaller.
  • Our API makes it easy to integrate Cofense Triage with other incident response systems.

Together, these updates speed your ability to analyze emails and hunt down threats. Learn more about orchestrating a faster response to phishing.

This article was originally published here.

Related Articles

In 2019, Softchoice’s Innovation Executive Forum (IEF) toured North American cities once again and learned first-hand how IT leaders are driving transformation and delivering outcomes in their organizations. In this new Digital Transformation Trends report, we bring you the Top 10 highlights from our roundtable discussions in Atlanta, Denver, and Toronto. These insights were shared by groups […]

Culture | January 20, 2020 by Karen Scott

Our Commitment   At Softchoice, we are committed to providing an engaging and inclusive environment where every employee can bring their whole self to work. Softchoice believes in creating an environment where all employees – regardless of gender, age, sexual orientation, race, religion or cultural background – feel accepted and supported to succeed. And I recognize that this […]

If the last 12 months have taught us anything about digital transformation leaders, it’s this: cybersecurity is a central concern. And it’s going to get harder before it gets easier. As we toured North America with the Innovation Executive Forum, cybersecurity came up in multiple contexts, across multiple industries, across a whole gamut of departments, […]