FireEye Stories

Help Secure Your Email Against Today's Most Dangerous Threats

Are you sure your email is well-protected? The three primary categories of advanced threats are attachment, URL and impersonation-based attacks. FireEye Email Security detects and blocks malicious emails and phishing URLs other solutions miss, and now can detect the challenging third category – impersonation attacks.

Impersonation attacks happen when bad actors impersonate key individuals in order to trick other individuals into taking a specific action. The targeted key individuals are usually leaders within an organization, with titles such as chief financial officer, senior vice president and director. In a CEO Fraud attack, an attacker would impersonate a CEO and ask an employee to perform, for example, a wire transfer. The spear phishing emails created for these attacks can be tremendously well-crafted, enough to fool even experienced security professionals.

Traditional email gateway vendors offer anti-spam filters and antivirus software that rely on signatures and commodity intelligence. FireEye pioneered the market for detecting and blocking unknown malware-based attacks, unlike tools that need a threat to be seen before it’s blocked. Committed to continually innovating to stay one step ahead of the attackers, FireEye is responding to the shifting email threat landscape with new technologies for impersonation attacks, as well as URL-based attacks.

FireEye’s Innovation Cycle

As a global leader in helping organizations prepare for, respond to, and prevent breaches, FireEye is on the frontlines of cyber attacks every day. This real-time knowledge of the threat landscape serves as a guide for FireEye’s product innovation and threat intelligence. Through this unique innovation cycle, FireEye products and services are designed to meet the challenges of a dynamic threat landscape, creating a cyber defense platform that functions as a seamless, on-demand extension of an organization’s security operations.

This first to know, first to act approach functions as a continuous feedback loop with our experts utilizing our technology, and our Email Security development team leveraging this world-class expertise to build our solutions. The email security development team is extending advanced threat reporting to include persistent, impersonation attacks for FireEye Managed Defense customers.

Impersonation Detection

Impersonation attacks, such as CEO fraud, have cost businesses over $5 billion in losses. This is due in part to the lack of traditional attack indicators such as malicious attachments or links. To combat these attacks and protect customers, FireEye Email Security* stops difficult to detect impersonation attacks. Attackers must leave multiple “tells” for their scam to work. FireEye Email Security looks for these “tells” and blocks those emails from reaching their targeted recipients.

FireEye Email Security creates its own threat intelligence rather than relying on lagging third-party feeds. In-house email specific threat intelligence (or Smart DNS), data collection capabilities, email security experts and threat analysts provide the underlying infrastructure for enhanced anti-spam and phishing technologies and impersonation detection.

Advanced URL Defense

FireEye Labs has seen a shift from malware to URL-based attacks. In fact, FireEye Labs reported a 100 percent increase in URL attacks over a 15-week period during the last two quarters of 2017.

Advanced URL defense, included with FireEye Email Security, safeguards against changing URL-based phishing attacks. FireEye Email Security also includes updates based on recent advances in technologies such as machine learning and analytics. PhishEye, a classification engine we developed, uses deep learning to compare a screenshot of a web page referenced in a phishing URL to that of the targeted brand. FireEye Email Security also has features that apply domain and page content analytics to augment machine learning. The combination of analytics and machine learning provides added coverage, or a defense-in-depth approach to credential-phishing detection.

FireEye also offers customers a company-branded landing page. The branded notification of a redirect gives end users confidence that the notice is legitimate.

Taking the Lead on Advanced Threat Protection

FireEye Email Security is leading the way in advanced threat protection of attachments, URLs and impersonation-based attacks. FireEye Email Security quickly identifies threats and minimizes false positives with frontline and in-house email threat intelligence to block threats other solutions miss.

The FireEye Email Security solution includes access to the FireEye Helix portal – a security operations platform that connects FireEye and third-party security technologies and augments them with contextual intelligence, automation, and case management capabilities. With the FireEye Helix portal, customers can make expert decisions and capture the untapped potential of their security investments.

For more information about defending against email-based attacks, please read our white paper: Spear-Phishing Attacks: Why They Are Successful and How to Stop Them.

*Available with FireEye Email Security – Cloud Edition, AVAS add-on.