Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Covid-19 Exposes a Newly Remote Workforce to More Evasive Phishing Attacks

With the world threatened and preoccupied by Covid-19, cybercriminals are taking advantage of the chaos. In the past month, we’ve seen:

Before Covid-19, 78% of Microsoft 365 administrators reported security breaches, citing phishing as the leading cause. Now scammers are rushing to target scattered workforces that are distracted, stressed, and accessing cloud systems from their home networks.

Covid-19 is the perfect storm for cloud inbox security

In response to the pandemic, many enterprises abruptly adopted new tools and protocols. Cloud inboxes have long been more vulnerable than on-premises email platforms–enterprises using Microsoft 365 consistently report a higher average incidence of successful phishing attacks than they experienced with on-prem. Companies that switched quickly won’t have additional safety measures in place.

And those safety measures will be delayed. IT admins and SOC teams were already stretched to the limit. Their cybersecurity skills are in short supply, and sick/depleted staff will struggle to respond to the growing alerts they are bombarded with.

And, cruelly, phishing and fraud attacks are designed to create a sense of urgency. They induce people to click or follow instructions–reflexive behavior for an on-edge workforce. According to the 2019 Global Data Exposure Report, “78% of CSOs and 65% of CEOs admit to clicking on a link they should not have, showing that no level of employee is immune to lapses in judgment.”

It’s time to layer Inbox Detection and Response on top of SEGs

Enterprises using cloud-hosted email urgently need an inner layer of email security called Inbox Detection and Response (IDR).  While trusty features like Microsoft Safe Links filter spam and known threats, it can’t detect all sophisticated/evasive attacks like spear phishing attacks and cousin domain spoofing.

IDR solutions instead hook into users’ inboxes, continuously scan all inbound and outbound emails in all folders​, and automatically follow links. They check URLs for favicons, mismatched logos, legitimate site maps, domain owners, security certificates, even regionalized code – all indicators that help flag, “Is this a valid email or is it phishing?”

Best of all, when threats are uncovered, IDR solutions can automatically delete every copy across every mailbox. This automatic remediation removes the burden on the email administrator or security analyst and massively reduces the feared “window of vulnerability” caused by malicious emails lingering for lengthy periods within the reach of users.

Ready to learn more about defensive architectures with continuous email monitoring and detection?
Read the whitepaper A New Vision for Phishing Defense: Inbox Detection & Response

You might also like

Phishing with QR codes

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...