We are proud to announce the roll out of version 1.1.0 of Cloudphish! This update includes a variety of enhancements responding to customer feedback providing users with a new level of usability, security, and control. Two new tools have been incorporating into Cloudphish allowing new means of identifying phishing attempts available to all users
Cousin Email Detection
Cousin email impersonation is the very common practice of creating an email address that closely resembles that of the expected sender. Cloudphish has always been able to identify unverified messages, but Cloudphish is also uniquely positioned to provide cousin email detection by comparing the email addresses of incoming emails against your trusted network. Cousin email attempts resembling a trusted email or domain will identified and the user will now be notified of these attacks.
Domain Maturity Verification
Along with cousin emails from trusted contacts, emails resembling well known brands or organizations are often used in phishing attempts. Because phishing sites are typically churned and burned, the domains used for these purposes are usually recently registered. Cloudphish now checks the registration date of the domains of incoming emails allowing users to be alerted when a domain has been registered within the last 90 days. An immature domain is not always a sign of a phishing attempt but it can be an indication that further scrutiny is required. This feature provides users with additional insight to make an informed determination concerning the legitimacy of an email.
An enterprise administration portal has been deployed to allow cyber security professionals to manage and maintain their organization’s Cloudphish experience. The portal allows administrators to set up and maintain users and set the trusted network for all users. Configuration options have also been added allowing administrators to set which conditions trigger user alerts (unknown users, outside network, unknown device, cousin attempt, immature domain) and control whether or not users can modify their own network.
Rather than displaying an alert for every email received, the default alert settings have been changed to focus on the alerts that matter most to the user. In an effort to avoid complacency from too many warning messages, only emails that represent a credible threat will be announced as well as those that have passed validation and can be trusted. Enterprise users can change these options to suit their own needs.
Outlook Online UI Update
Microsoft rolled out a new user interface for their Outlook web module over the weekend and updates have been made to ensure Cloudphish usage will not be interrupted.