The simple way to avoid document-based phishing attacks

by | Oct 31, 2022 | Thought leadership

According to threat intelligence research from IBM, phishing attacks were the top infection vector in 2021, with over 4 in 10 attacks initiated using this tactic – a 33% increase over the previous year. This helps explain why recognizing and reporting phishing has been chosen as one of the core themes for Cybersecurity Awareness Month.

The impact and costs of phishing-based breaches are skyrocketing. In August, for example, a file-based cybersecurity breach led to the theft of $620 million in cryptocurrency, when Axie Infinity – a blockchain-powered online game with over a million daily users worldwide – was targeted with an attack that relied heavily on file-based phishing techniques.

North Korean hackers used files infected with malware to gain access to the network of its publisher, Sky Mavis. After posting fake job opportunities on LinkedIn to fool Sky Mavis staff, one software engineer went through several bogus interviews in the belief they could land a new role with a generous salary.

As part of the complex process, the candidate was sent a job offer by the hackers in a PDF file, but as explained in one media report, the document was “laced with spyware”. This allowed the hackers to initiate a chain of events that led to the theft of the cryptocurrency assets.

 

Take a zero-trust approach to files

Incidents such as this underline the widespread vulnerabilities inherent in many of today’s cybersecurity strategies, in that they rely on detection-based methods to prevent malware infections. Instead, Glasswall zero-trust CDR (Content Disarm and Reconstruction) technology offers proactive defense from file-based cybersecurity threats hidden within today’s most popular file formats.

In contrast to detection-based security, such as antivirus and sandboxing that must play catch up with new threats, Glasswall instantly cleans and rebuilds every file to a safe and compliant standard – automatically removing potential risks. This closes the protection gap seen by detection-based methods that can last for anything up to 18 days.

Glasswall’s industry-leading, cloud-native CDR technology provides an unmatched understanding of files, including a complete analysis of the risks and active content found within each file. Security teams are given the ability to remove risk and shape their security policy to match their risk appetite. Simultaneously, control over end-user actions is regained, as file-based threats are dealt with before a file is delivered to the end user.

Try Glasswall CDR on your browser or device

 

Related

Use Cases

Secure Email

File Uploads and Downloads

Malware Risk Removal

Metadata Removal

Cybersecurity Crisis Response

Cybersecurity Crisis Prevention

Cloud Native Integrations

Data Migrations

SDK Integration

Resource Library

Blog

Events

support lines

Support

Glasswall CDR Portfolio

Reactive cybersecurity is failing - it’s time for a better way. Traditional detection-based security methods play catch up with new threats. Find out how your organization can take a proactive approach to cybersecurity.

strategic alliances

About our Partner Program

Our Partners

Become a Partner

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People

Careers

communication

Contact Us

support lines

Support

Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.