Page 17 - Cyber Defense Magazine - Global Print Edition 2018

This Company Stopped a Phishing Attack in 19 Minutes

by Cofense, Inc.






It was an ordinary day for employees of a national healthcare company. Lots of emails on the usual subjects: meeting invites, questions from colleagues. Nothing really special. But when employees received a message from their CEO, they snapped to attention.

The email asked them to read and agree to a company policy. Simple. Just click on a link, which took them to a login page—from there, they’d enter their credentials and go to the policy page.

But the sender wasn’t the CEO. He was a talented fraudster.

The attacker aimed to harvest passwords, gain file system access, and reroute electronic payroll deposits. And he almost succeeded.

Let’s take a minute-by-minute look at the phishing attack—and how Cofense combined employee-sourced intel and automated analysis to work with the company’s security team and mitigate in less than 20 minutes. For security reasons, the company will remain unnamed.

11:48 a.m. The spear phishing campaign launches.

The email showed the attacker “had really done his homework,” according to the company’s Vice President of Information Security. “The email looked and sounded exactly as though our CEO had sent it.”

It was a sophisticated twist on business email compromise (BEC), which according to the FBI defrauds businesses of over $12 billion annually.¹ Most BEC scams ask their targets to wire funds. In this case, the attacker used credential phishing to reroute electronic transfers himself.

11:49 a.m. Employees begin reporting the email as suspicious.

The email was quite convincing. Many employees clicked. Fortunately, enough well-trained users looked at the message carefully. The company uses Cofense PhishMe™ for phishing awareness training. It also equips users with the Cofense Reporter™ plug-in to report suspicious emails with a single click.

One of the simulated phishes the company had used in training spoofed the HR department—like the email the real attacker sent, the simulation asked users to click an embedded link to agree to a policy. When they encountered the real deal, alert employees reported it a minute after the attack began.

CYBER DEFENSE MAGAZINE – ANNUAL GLOBAL PRINT EDITION 2018 – SPONSORED BY TREND MICRO