PHISHING

The always evolving email scam

WHAT IS PHISHING?

Phishing is a type of social engineering where an attacker sends a spoofed email designed to trick a victim into revealing sensitive information, or to deploy malicious software on the victim's infrastructure.

91% shown in a blue circle

91% of cyberattacks start with a phishing email

91% of all cyber attacks begin with a phishing email to an unexpected victim

(source: Deloitte)

closed sign

60%+ of companies
go out of business

More than 60% of businesses close permanently within 6 months of a cyber-attack.

(source: Inc.com)

Over 200K Unique Phish Sites

In 2021, 214,345 unique phishing websites were identified, with recent phishing attacks doubling since early 2020

(source: Cybertalk)

WHAT DOES PHISHING LOOK LIKE?

Phishing emails are an extremely successful method of stealing information for cybercriminals. Typically, a bad actor will impersonate a recognizable brand or a person known to the victim, to trick a them into clicking on a link or attachment. This can lead to personal financial and/or data theft.

Mass Phishing campaigns are a numbers game. By leveraging the ubiquity of a brand like Netflix, the email will likely appear relevant to a sizeable portion of recipients. Attacks like this can easily be sent to a million recipients. A success rate of only 0.5% still results in 5,000 infections or stolen credentials that be used in future, more-targeted scams, making these phishing campaigns a very worthwhile exercise for bad actors.

phishing email from nextflix

Brand Impersonation

With the display name “Netflix” the attacker is attempting to masquerade as Netflix. On a mobile device, the recipient will likely only see the display name.

Contains a Deadline

The attacker creates a sense of urgency by telling the user they have 48 hours to comply.

Credential Theft

The call to action links to a fake login page designed to steal the user’s credentials.

HOW DOES MESH PROTECT AGAINST PHISHING?

Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.

URL Protect

All links in the email are subjected to scanning against real-time threat feeds for known and unknown malicious sites as well as fake login pages and phishing sites. Links to unknown or suspicious objects are sandboxed.

Attachment Sandboxing

Unknown and potentially malicious attachments are detonated in a virtual environment to determine their behavior, protecting against never-before-seen, zero-hour threats like polymorphic malware.

Antimalware Engines

Mesh uses a combination of commercial and proprietary engines to perform signature and heuristic-based scanning in order to detect known and unknown, types of malware such as viruses, ransomware and trojans.

Its ability to detect emails specifically targeting high-risk individuals is incredibly reassuring

Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”

Get the full case-study ⟶

Jason Gilmer
Network Admin at Reading Bakery Systems

reading bakery systems logo

Ready to get started?

Make your customers safer and
your MSP more efficient.

MSP Success Stories

Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.

View Success Stories →

Mesh is not for everyone

We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.

Learn Why →