Snuffing out a phishing attack before it’s got started is easier than you think

Snuffing out a phishing attack before it’s got started is easier than you think

How proper employee cyber-training and robust defence software saved a company from huge losses with minutes to spare.

If a cunning phisher sent your users an email appearing to come from your CEO that bypassed perimeter technology, what would you do?

A large healthcare company faced that very scenario. A phishing attack was able to slip past its secure email gateway to land in users’ inboxes. But, by using Cofense’s phishing defence solution, the organisation was able to detect, analyse and remediate the attack less than 20 minutes after it began.

The phishing email was sophisticated. “An attacker sent an email that showed he’d really done his homework,” said the company’s VP of information security. “The email looked and sounded exactly as though our CEO had sent it. The attacker had clearly gone to our website and noticed our ethics policy. Mimicking language on the site, the email reminded employees about the policy and asked people to click a link to agree they would follow the rules.”

But the healthcare company was ready. The link went to a counterfeit Office365 page that asked for login credentials. The goal of the phishing attack was to harvest passwords, gain file system access and steer automatic payroll deposits into the attackers’ accounts. The email was highly believable, with several thousand recipients clicking on it.

Fortunately, 60 seconds after the phishing attack began, employees trained through Cofense PhishMe™, reported the email, so it could go straight into Cofense Triage™ for analysis. After escalating the incident and conducting a thorough investigation, the Cofense Phishing Defense Center™ (PDC) contacted the company’s IT team, who blocked the phishing site, retracted the email and stopped the rerouting of payroll.

“If we hadn’t been prepared, the damage would have been worse. Working with the Cofense PDC, we were able to retract the email in under 20 minutes,” said the VP.


Download the eBook for a minute-by-minute account of how users and security professionals worked together to avoid a major breach here.

Copyright Lyonsdown Limited 2021

Top Articles

The expert view: Accelerating the journey to the cloud

At a virtual seminar on 9 June 2021, sponsored by managed IT service provider Sungard Availability Services, eight senior IT decision makers gathered to discuss how organisations can accelerate their…

Ransomware attacks and the future role of the CISO - teissTalk

On 18 May, teissTalk host Jenny Radcliffe was joined by a panel of four cybersecurity experts in a wide-ranging discussion that covered government actions, ransomware attacks and the future of…

Communicating a Data Breach: Best Practices

When customers trust you with their personal data, they are expecting it to be protected. This means your response to a data breach is imperative and can make or break…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]