Unlike the majority of email security measures, Cloudphish is not focused on identifying invalid or fraudulent emails, but on valid ones. In any email ecosystem there are a myriad of ways an illegitimate email can manifest itself. Within the Cloudphish platform there is only one way an email can be valid, it must be sent from an email address within your trusted network and from a device that the sending user has authorized. Cloudphish validation is performed using data generated and stored outside the email itself (metadata, headers, content, etc), so the legitimacy of the email cannot be counterfeit. Regardless of the technical strategy of the phishing email producer (even those not invented yet) Cloudphish is prepared to overcome them.
Typical Cloudphish Scenarios
Lets take a look at a few very common examples where Cloudphish can help. You get an email from Joe in accounting but instead of accounting.com it came from accountiing.com, or maybe accounting.net. In either of these cases, the phishing email producer may have taken the time and care to ensure that messages from this domain pass all valid email tests and no spam filter will pick this up as fraudulent. At this point the message has reached your inbox and it’s up to you to catch a slight change in the address before proceeding.
Cloudphish Catches What You Miss
If you and Joe are Cloudphish users, instead of waiting for an extra i to jump out at you and set off a red flag in your mind, a literal red flag would be presented to you indicating that Joe never sent this message.
Cloudphish Catches What Your Email Security Systems Miss
The same could be true if the phishing email was spoofed. Whether by through a forged email address that really did say email@example.com or through IP or GPS spoofing to gain access to your network, if such an email got through traditional security systems you as the end user would have no indication that the email was invalid without Cloudphish. Likewise if the user did really access Joe’s email account by hacking his cloud-based Outlook account you would still be able to identify emails sent as fraudulent because they did not originate from a verified device.
With Cloudphish, Joe’s network is defended.
Motivated Cybercriminals Can Do a Great Deal of Damage With a Small Opening
This last concept is of particular importance to overall organizational security and can lead to a widespread breach. Cybercriminals often seek a single point of entrance that can be used as a staging area for a broadly sweeping attack. If Joe did respond to a phishing email or open an attachment that led to his account being compromised, emails sent from his account would be undetectable to any traditional security method. This can affect Joe’s coworkers, customers, friends, etc. that have no indication that emails being sent aren’t coming from Joe. With Cloudphish, Joe’s network is defended. The breach, if it does occur, will be limited to him because his contacts will be immediately aware that these emails are not valid.
Cloudphish Offers a New and Effective Level of Security
Cloudphish seeks to empower you and your users. It takes the guesswork out of identifying phishing emails within your network of correspondents. It protects both you and your reputation today and in an evolving environment. Don’t leave your email security to chance, give us a call or send us an email today. We’d be happy to help.