Securonix, Inc., a leader in next-generation SIEM, today released the Securonix Phishing Analyzer capability, powered by machine learning-based visual similarity analytics. An extension of Securonix’s Remote Workforce Monitoring solution and designed by Securonix’s COVID-19 Task Force of data scientists, threat researchers, and detection engineers, the new solution enables organizations to detect advanced phishing and business email compromise (BEC) threats.
In conjunction with the announcement, the Securonix COVID-19 Task Force has released its latest Cyber Threat Update. The update details active phishing and business email compromise threats global enterprises are currently facing, driving the release and functionality of the new Securonix Phishing Analyzer.
“Phishing and BEC attacks are on the rise as attackers are using the fear and anxiety of COVID-19 to target victims. The challenge is that most of the related attack domains are new and have not been blacklisted or categorized as malicious,” said Nanda Santhana, SVP, Cyber Security Solutions, Securonix. “By combining the intelligence of our Threat Research Team and COVID-19 Task Force, with the advanced detection capabilities of machine learning-based visual similarity analytics, our new solution enables organizations to identify and avoid today’s advanced threats.”
Since January, more than 72,000 domains have been created mentioning “coronavirus,” “COVID,” and “COVID-19.” Securonix’s Phishing Analyzer is designed to identify visually similar emails at scale with a minimal false positive rate. The solution leverages a modified Levenshtein distance algorithm to detect:
- Typosquatting Phishing Attacks: malicious attackers use domain names that are spelled differently from the established name, but use the same character set (e.g. Securonix, Securonlx, Secur0nix). The Securonix visual similarity algorithm calculates the similarity score for each business domain with thresholds that are adjustable to minimize false positive rates.
- Business Email Compromise (BEC): BEC attackers use the identity of a recognized individual on a corporate network to track targets and lure them to respond with sensitive data or financial transactions. The Securonix algorithm detects malicious activity by comparing email sender information against legitimate employee and email sender information, consuming organizational HR data including first name, last name and titles. The solution can also build a chain of command to specifically prioritize email compromise attempts for executives.
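The release does not say how Securonix modifies Levenshtein distance. The following added example, which is not Securonix's code, shows one way a defender could score lookalike sender domains: substitutions between visually confusable characters cost less than ordinary edits, and an adjustable threshold decides what gets flagged. The confusable pairs, the 0.25 cost, the 0.9 threshold and all function names are assumptions.

```python
# Added example: confusable-aware Levenshtein scoring for lookalike sender domains.
# CONFUSABLE, CONFUSABLE_COST and the threshold are assumed values for illustration.
CONFUSABLE = {frozenset(p) for p in (
    ("l", "i"), ("l", "1"), ("i", "1"), ("o", "0"),
    ("s", "5"), ("e", "3"), ("a", "4"), ("u", "v"),
)}
CONFUSABLE_COST = 0.25  # a visually similar swap counts as a quarter of an edit


def sub_cost(a, b):
    if a == b:
        return 0.0
    return CONFUSABLE_COST if frozenset((a, b)) in CONFUSABLE else 1.0


def visual_distance(s, t):
    """Levenshtein distance with cheaper substitutions for confusable pairs."""
    prev = [float(j) for j in range(len(t) + 1)]
    for i, a in enumerate(s, 1):
        cur = [float(i)]
        for j, b in enumerate(t, 1):
            cur.append(min(prev[j] + 1.0,                  # deletion
                           cur[j - 1] + 1.0,               # insertion
                           prev[j - 1] + sub_cost(a, b)))  # substitution
        prev = cur
    return prev[-1]


def similarity(candidate, protected):
    """Score in [0, 1]; 1.0 means identical."""
    longest = max(len(candidate), len(protected)) or 1
    return 1.0 - visual_distance(candidate, protected) / longest


def classify(sender_domain, protected_names, threshold=0.9):
    """Return (verdict, closest protected name, score) for a sender domain."""
    labels = sender_domain.lower().rstrip(".").split(".")
    # Simplification: take the label left of the TLD; production code would use the Public Suffix List.
    name = labels[-2] if len(labels) > 1 else labels[0]
    best = max(protected_names, key=lambda p: similarity(name, p))
    score = similarity(name, best)
    if name == best:
        return ("legitimate", best, score)
    return ("lookalike" if score >= threshold else "unrelated", best, score)


if __name__ == "__main__":
    for d in ("securonix.com", "securonlx.com", "secur0nix.com", "example.org"):  # constructed samples
        print(d, classify(d, ["securonix"]))
```

Plain Levenshtein scores "securonlx" and "securonax" identically against "securonix"; the weighting ranks the visually deceptive variant higher, so the threshold can be raised without missing it.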
“In a remote workforce environment, employees don’t have the luxury of walking down the hall to discuss the validity of a suspicious email with colleagues appearing to come from a company executive or trusted source,” said Igor Baikalov, Chief Scientist, Securonix. “With our new Phishing Analyzer, threat intelligence data and data from the global Securonix customer network power highly accurate machine learning decisions on phishing and BEC threats that are proactively applied across organizations through Securonix’s SaaS-based deployment model.”
The Securonix platform delivers positive security outcomes with zero infrastructure to manage. It provides analytics-driven next-generation SIEM, UEBA, and security data lake capabilities as a pure cloud solution, without needing to compromise. To learn more about Securonix, its products and services, visit www.securonix.com or follow us on LinkedIn, Facebook and Twitter.