SPEAR-PHISHING

The highly-targeted and well-researched form of phishing

WHAT IS SPEAR-PHISHING?

Spear-Phishing attacks are emails that appear to come from a known or trusted source in order to dupe targeted individuals to reveal confidential information. It differs from phishing emails which are more generic and sent to thousands of recipients.

91% of cyberattacks start with a phishing email

91% of all cyber attacks begin with a phishing email to an unexpected victim

(source: Deloitte)

Over 200K Unique Phish Sites

In 2021, 214,345 unique phishing websites were identified, with recent phishing attacks doubling since early 2020

(source: Cybertalk)

60%+ of companies
go out of business

More than 60% of businesses close permanently within 6 months of a cyber-attack.

(source: Inc.com)


WHAT DOES SPEAR-PHISHING LOOK LIKE?

Spear-phishing emails typically impersonate a well-known brand or trusted source and contain a link to a faked login page. The combination of familiar branding and requiring urgent action can be enough to trick even well-trained employees to click through and submit their passwords.

Brand Impersonation

With the display name “Microsoft Team” and the domain name “emailsupport.co” the attacker is attempting to masquerade as Microsoft support.

Specifically Targeted

This email is specifically targeted Jim Halpert, as he is in the accounts payable department Paperco, with the aim of gaining access to their mailbox.

Faked Login Page

The email contains a link to an expertly spoofed Office 365 login page, which is virtually indistinguishable from the genuine Office 365 login page.

HOW DOES MESH PROTECT AGAINST
SPEAR-PHISHING?

Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.

URL Protect

All links in the email are subjected to scanning against real-time threat feeds for known and unknown malicious sites as well as fake login pages and phishing sites. Links to unknown or suspicious objects are sandboxed

Attachment Sandboxing

Unknown and potentially malicious attachments are detonated in a virtual environment to determine their behavior, protecting against never-before-seen, zero-hour threats like polymorphic malware.

Antimalware Engines

Mesh uses a combination of commercial and proprietary engines to perform signature and heuristic-based scanning in order to detect known and unknown, types of malware such as viruses, ransomware and trojans.

Its ability to detect emails specifically targeting high-risk individuals is incredibly reassuring

Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”

Get the full case-study ⟶

Jason Gilmer
Network Admin at Reading Bakery Systems

reading bakery logo

Ready to get started?

Make your customers safer and
your MSP more efficient.

MSP Success Stories

Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.

View Success Stories →

Mesh is not for everyone

We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.

Learn Why →