Closing the Window on Losses to Phishing

CLOSING THE WINDOW ON LOSSES TO PHISHING Phishing is increasingly expensive and painful as cybercriminals find new ways to fool consumers and cash out stolen login credentials. 01 PHISHING BY THE NUMBERS THERE WERE MORE THAN 150,000+ 200.000 PHISHING ATTACKS WORLDWIDE IN 2012 unique domain names were used Phishing sites are typically live for more than 10 hours a APWG Global Phisting Surveys 1H2012 & 2H2012 1 day MORE THAN 60 Banks e-commerce sites Social networks INSTITUTIONS WERE TARGETED" ISPS Government tax bureaus Online gaming sites Postal services b PayPal is the most-targated institution Securities companies イイイ More than 30 billion spam messages are sent every day c Symatec THE COST OF ONLINE FRAUD AND THEFT IS ESTIMATED AT $70.2 BILLION ANNUALLY THE COSTS OF PHISHING 02 IMMEDIATE Money reimbursed to compromised accounts Fees paid to takedown vendors LONG-TERM Customer alienation Brand erosion TYPICAL PHISHING TIMELINE 03 *** campaign containing phishing link Customer dicks on the link Customer is taken to what appears to be your brand's website Customer enters their login credentials first four hours that a Cyber-criminal sends a spam email Phishing site launched Most credentials are stolen during the phishing site is lve INTELLIGENCE-BASED APPROACH -> PROACTIVE 04 TACKLING PHISHING An intelligence-based process employs techniques honed over years of research and data collection 1. Identify suspicious sites Discovers hundreds more phishing sites each day than are otherwise known 2. Verify as phish and determine brand spoofed vendor for quick removal of mallclous content 3. Collect digital evidence Prompts communication directly to your takedown All links and files are extracted and analyzed In real-time Discovers how each phishing site is linked to other phishing sites 4. Correlate the big data THE OLD WAY L> REACTIVE 5. Learn to recognize future sites 1. Suspected phishing website is reported to you 2. You notify your takedown vendor 3. Takedown vendor confirms site is fraudulent 4. Vendor initiates takedown process Several minutes to hours may pass between steps 4 and 5 5. Fraudulent website is successfully removed 6. Cyber-criminal launches a new site 7. The process repeats d Process developed by world-renowned phishing experts at the University of Alabama at Birmingham MALCOVERY An intelligence-based response to phishing includes forensically-sound collection, data correlation, and threat research of: • ybercriminals' Intenet location (URL and IP) • Email addresses that are receiving stolen credentials • Whois and reputation information about the domain name and IP • Copies of all the component files of the phishing web site SECURITY Malcovery's intelligence-based approach to phishing reduces fraud losses and incident response costs, A proactive solution offers you: • Inside access to a valuable data mine of phishing intelligence • The ability to search on suspicious URLS, domans, and IP addresses • Insight into how the same threat is affecting other targeted brands • Expert advice on referring cases to law enforcement both near-term and in the future. Saves Time Saves Money Protects Brand Reputation Increases Customer Satisfaction Increases Customer Loyalty Contact us in Phone 855-625-2683 Emall [email protected]