Email phishing remediation outfit Ironscales is looking for security resellers to roll out its goods in the UK
Ironscales was founded in 2013 by CEO Eyal Benishti to provide and intelligence capabilities on phishing emails.
He said that there were only two major email security solutions. The first is the more traditional gateway or filter that sits on the network or the cloud, with the emails going through and trying to decide if they should be let through or not.
While these are good at filtering out spam or known attacks, but it’s at least a couple of hours before they can spot new attacks. The other technique involves training which stops around 80 per cent of attacks.
Ironscales works on the idea that you use machine learning and human interaction. The machine learning aspect of the software quarantines malicious content, but it will also learn from the use commands.
It operates both on end-point devices – in the form of a plug-in for the likes of Microsoft Outlook and Gmail – and also on the perimeter or in the cloud.
The company launched into the UK two months ago and now has two employees, with more set to follow soon to increase its sales and presales presence. The vendor has four UK channel partners, but wants more managed security service providers.
It signed a deal with Check Point, which sees the vendor support Ironscales’ sandbox solution, which Benishti said provides a strong proposition for current Check Point partners to bolt on Ironscales’ products.
However, the company wants channel partners that have no anti-phishing solution and those who want to replace a traditional solution like email filtering.
A channel programme is expected to be launched in the coming months along with moves into mainland Europe with an initial focus on the Nordics.
Every single day roughly 3,000 UK web users were sent a phishing attack between 2012 and 2013, triple the levels seen between 2011 and 2012.
That’s according to a new Kaspersky Lab’s report, “the evolution of phishing attacks”, revealing what was once a subset of spam has grown into its own category of cyber attack. The most targeted websites were Facebook, Yahoo, Google and Amazon, with Facebook and Yahoo overwhelmingly ahead as targeted sites.
Worldwide, attacks reached an average of 102,100 people each day, with the most common targets being web users in Russia, the United States, India, Vietnam and the UK. Most servers hosting the phishing pages were registered in the USA, the UK, Germany. Russia and India.
Kaspersky discovered that half of all identified attack sources came from only 10 countries, signifying there is quite a small number of preferred regions from which to launch the attacks.
20 percent of phishing attacks were set up to mimic banks or financial organisations.
Kaspersky’s deputy CTO for research, Nikiti Shvetsov, said the enormous increase shows that phishing is not just a subset for spammers. “These attacks are relatively simple to organise and are demonstrably effective, attracting an increasing number of cybercriminals,” Shvetsov said.
Online fraud is on the increase, providing a windfall for security firms trying to pitch packages to cash strapped businesses.
The latest figures from the National Fraud Authority show that account takeover fraud rose by 53 percent compared with the previous year.
This means that those frauds where the criminal requires identity details accounted for almost two thirds of all frauds recorded by CIFAS in 2012.
More than 8.8 percent of UK adults were a victim of this fraud and those who lost cash tended to lose an average of £1,203 each.
Stephen Harrison, National Fraud Authority Chief Executive estimated that this year’s AFI has put the loss to the UK economy from fraud at £52 billion.
He said that private sector businesses suffer the highest levels of loss and can also suffer other impacts like reputational damage. Loss to smaller businesses can even put their future at risk.
Trusteer, which makes products for cybercrime prevention, said it has seen an increase in the number of Man in The Browser (MiTB) malware activity, and in the sophistication and techniques cybercriminals use to steal credentials and credit card data.
A Trusteer spokesperson said that as infection rates increase, account takeover fraud, and account fraud, is becoming a top threat for organisations.
This is not just a matter of providing companies with software or hardware to fix.
Companies need to come up with a holistic approach which encompasses endpoint security as well as clientless detection and conclusive event correlation is required.
This means that security resellers are having to create layered security covering PC and Macs, desktops and mobile, client and client-less solutions.