{"id":13430,"date":"2018-09-25T07:00:02","date_gmt":"2018-09-25T15:00:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/09\/25\/news-7197\/"},"modified":"2018-09-25T07:00:02","modified_gmt":"2018-09-25T15:00:02","slug":"news-7197","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/09\/25\/news-7197\/","title":{"rendered":"Stop Office 365 Credential Theft with an Artificial Eye"},"content":{"rendered":"<p><strong>Credit to Author: Chris Taylor| Date: Tue, 25 Sep 2018 13:00:44 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"167\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-300x167.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-300x167.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-768x428.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-1024x571.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-640x357.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-900x502.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-440x245.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-380x212.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>We all know that email remains by far the number one threat vector facing organizations today. <a href=\"https:\/\/documents.trendmicro.com\/assets\/rpt\/rpt-2018-Midyear-Security-Roundup-unseen-threats-imminent-losses.pdf\">Trend Micro blocked<\/a> more than 20.4 billion threats in the first half of 2018 alone, nearly 83% of which were email-borne. 
But there\u2019s more: corporate email accounts have also become a key target for attackers in their own right. And as Office 365 becomes ever-more popular, its log-in page increasingly represents the frontline in the battle against phishing attacks designed to hijack email accounts. According to Osterman Research, email account takeovers now represent over two-fifths (44%) of enterprise attacks.<\/p>\n<p>That\u2019s why Trend Micro has developed a new layer of defense to add to our formidable range of email security offerings: innovative capabilities leveraging computer vision and AI to block attacks in real-time.<\/p>\n<p><strong>Office 365 email under attack<\/strong><\/p>\n<p>Why are email accounts so highly prized by attackers today? Because email still largely represents the nexus of an employee\u2019s online profile. With the all-important log-ins to that account, hackers could access highly sensitive information from the inbox itself, or perhaps use the account as a \u201cstepping stone\u201d into other corporate systems. They could, for example, use access to craft a highly convincing phishing email sent to that employee\u2019s colleagues elsewhere in the organization. Poor password management by employees also means that once email log-ins have been phished, an attacker could potentially also crack the victim\u2019s other corporate accounts.<\/p>\n<p>The growing popularity of Office 365 makes these log-ins a prime target for cyber-criminals. Typically a phishing email will be sent to an employee convincing them to click on a link to a website. 
Classic social engineering tactics are used to convince them to do so: e.g., by claiming the mailbox is full; that there is an account issue that needs addressing; or potentially even that there\u2019s an Office document a colleague wants to share.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-542099\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft.jpg\" alt=\"\" width=\"454\" height=\"366\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft.jpg 454w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-300x242.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-440x355.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-380x306.jpg 380w\" sizes=\"auto, (max-width: 454px) 100vw, 454px\" \/><\/p>\n<p>The fake Office 365 log-in website the user is taken to can look extremely convincing. The form itself looks identical to the real version, with the same Microsoft favicon. 
Often the site also has a valid SSL sign and sometimes it is even set up within a legitimate domain \u2014 making it extremely difficult for the untrained eye to spot.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-542101\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1.jpg\" alt=\"\" width=\"874\" height=\"489\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1.jpg 874w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1-300x168.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1-768x430.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1-640x358.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1-440x246.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft1-1-380x213.jpg 380w\" sizes=\"auto, (max-width: 874px) 100vw, 874px\" \/><\/p>\n<p><strong>Seeing the Fakes with Computer Vision and AI<\/strong><\/p>\n<p>Trend Micro has always been aware of the huge threat posed by phishing. That\u2019s why we offer multiple layers of protection against malicious sites like these, leveraging one of the largest threat intelligence networks on the planet, the Smart Protection Network. 
Now we\u2019re introducing another tool, which blends computer vision technology with artificial intelligence to \u201csee\u201d fake websites.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-542102\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft2.jpg\" alt=\"\" width=\"617\" height=\"455\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft2.jpg 617w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft2-300x221.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft2-440x324.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft2-380x280.jpg 380w\" sizes=\"auto, (max-width: 617px) 100vw, 617px\" \/><\/p>\n<p>We\u2019ve implemented this technology on our API-based Office 365 protection service, Trend Micro Cloud App Security, which provides a second layer of advanced protection to Microsoft Office 365. The additional computer vision technique is applied to suspected phishing emails after Microsoft Exchange Online Protection and after Trend Micro filtering based on sender, content, and URL reputation. The remaining suspected URLs are further analyzed on-the-fly with the computer vision technique. 
Even after all of these other filtering methods, the Computer Vision + AI technology detected an additional 33,000 Office 365 credential phishing emails last month for a limited number of Cloud App Security customers.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-542093\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-1024x373.jpg\" alt=\"\" width=\"1024\" height=\"373\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-1024x373.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-300x109.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-768x280.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-640x233.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-900x328.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-440x160.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1-380x138.jpg 380w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/microsoft-365-1.jpg 1387w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Detecting existing Email Account Takeover Attacks<\/strong><\/p>\n<p>If an email account has been compromised via other means (malware on device, drive-by download\u2026), Cloud App Security can detect if the account starts sending phishing emails externally or internally within the organization with advanced analysis of the content, URLs, and attachments for maliciousness.<\/p>\n<p>Computer Vision+AI credential phishing detection has been working in the backend for Cloud App Security since April. In the October Cloud App Security release, the logs will start showing which URLs were detected with this new technology as credential phishing sites\/emails. 
You can learn more about Cloud App Security at <a href=\"http:\/\/www.trendmicro.com\/office365\">www.trendmicro.com\/office365<\/a>.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/stop-office-365-credential-theft-with-an-artificial-eye\/\">Stop Office 365 Credential Theft with an Artificial Eye<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/stop-office-365-credential-theft-with-an-artificial-eye\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Chris Taylor| Date: Tue, 25 Sep 2018 13:00:44 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"167\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-300x167.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-300x167.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-768x428.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-1024x571.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-640x357.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-900x502.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-440x245.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/09\/iStock-872707992-380x212.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>We all know that email remains by far the number one threat vector facing organizations today. Trend Micro blocked more than 20.4 billion threats in the first half of 2018 alone, nearly 83% of which were email-borne. 
But there\u2019s more: corporate email accounts have also become a key target for attackers in their own&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/stop-office-365-credential-theft-with-an-artificial-eye\/\">Stop Office 365 Credential Theft with an Artificial Eye<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10245,1001,10516,17374,3924,714],"class_list":["post-13430","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-ai","tag-business","tag-microsoft","tag-office-365","tag-phishing","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13430","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13430"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13430\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13430"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13430"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13430"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/
{rel}","templated":true}]}}