Phishing today is a top internet threat, as phishers aim to induce users to provide sensitive or confidential information which can be used or monetized, like their credentials for online banking, payment services like PayPal, or trusted commercial brands like Apple and Amazon. Whether initiated by clicking a malicious URL in an email or a fake website advertising banner, phishing activity continues to grow dramatically in volume, variety, sophistication and speed, reinforced by the emerging “phishing-as-a-service” ecosystem.
A report by The Aberdeen Group (November 2017) emphasizes the fundamental importance of the speed of detection for successful phishing defenses today, underscoring “how much is at stake based on just the first few minutes” of today’s fast-moving phishing campaigns. Study data in the highly regarded Verizon DBIR report (2016) showed a median elapsed time of only 1 minute 40 seconds from attack initiation to the first open of a phishing email, and other studies have established that 55% of eventual phishing victims get hooked in the first hour (KnowBe4, 2017). Worthwhile phishing detection must therefore be extremely fast.
Fastest time to detection
The automated daily analysis of billions of internet transactions in both web and email traffic – undertaken by Cyren’s GlobalView™ Threat Intelligence Cloud – provides an unmatched view of phishing and fraud threats in real time as they emerge. Cyren is able to extract URLs from this traffic by applying unique technology and algorithms, then analyze them within seconds of the beginning of an attack and provide actionable information immediately.
Cyren GlobalView accomplishes this by integrating techniques including Cyren’s patented Recurrent Pattern DetectionTM (RPD); real-time crawling by sophisticated machine-learning algorithms; heuristics and advanced detection logic; and cross- correlation with recent threat intelligence history. Expert security analysts fine-tune the detection logic to ensure continued detection accuracy.
Cyren thus detects tens of thousands of new Phishing and Fraud URLs every day, providing valuable intelligence utilized by many of the world’s leading security vendors and service providers, and adding to the millions of active phishing URLs being monitored by Cyren at any given moment.
Different delivery methods are supported, including by email, Rsync, and HTTP in intervals of up to 5 minutes.