One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8648936 |
| Date de publication | 2025-02-18 11:14:41 (vue: 2025-02-19 02:08:09) |
| Titre | Phishing Beyond Email: How Proofpoint Collab Protection Secures Messaging and Collaboration Apps |
| Texte | Today\'s organizations are embracing messaging and collaboration tools to enhance productivity and connect distributed teams like never before. Just as quickly, cybercriminals are adapting and learning to exploit these new entry points. Instead of just email-based threats, bad actors are now targeting these platforms with attacks like phishing, malware and account takeovers. To stay ahead of evolving threats, organizations need to protect their messaging and collaboration platforms with the same level of detection efficacy that they use for email. That\'s where Proofpoint Collab Protection can help. The new cyber battleground: messaging and collaboration platforms It might surprise you to learn that collaboration and messaging platforms don\'t have native security capabilities. So, they\'re unable to inspect or detect malicious URLs or block phishing attacks. In other words, your people and business are at risk if they use any of these platforms: Messaging, like Messenger, WhatsApp, Snapchat Collaboration, like Microsoft Teams, Slack, Zoom Social media, like LinkedIn, Instagram, Facebook, Twitter/X Cybercriminals exploit this opportunity by using these platforms as launchpads to send a variety of threats. Unfortunately, employees fall prey to these attacks for several reasons. For starters, employees tend to trust internal collaboration tools more than email because they assume that messages are being sent by verified colleagues. Attackers exploit this trust. Take Microsoft Teams as an example. Bad actors might use Teams to impersonate an executive to direct an employee to use a fraudulent invoice payment portal. Another issue is that, unlike email, messaging apps also encourage instant responses. Attackers use this to create a sense of urgency, pressuring victims into acting without verifying links or requests. They might ask employees to send payments, share their credentials or click a malicious URL. For example, a threat actor could use Messenger to impersonate the HR department, telling an employee to update their banking information immediately to avoid missing the next pay cycle. How cybercriminals weaponize messaging and collaboration tools Here\'s what the typical attack chain looks like for messaging or collaboration apps: Stages in the attack chain for messaging and collaboration apps. The most prevalent method for delivering payloads is malicious URLs. In the past three years, Proofpoint Threat Research has observed an alarming 2,524% increase in URL threats through SMS-based phishing (smishing). Compare that to threats delivered by email, which went up by only 119%. With more exposure to risk, companies are more vulnerable to cyberattacks. And the consequences of those attacks can be severe. In 2024, the average cost of a single attack reached $4.88 million, according to the IBM Cost of a Data Breach Report. Closing the gaps: how to secure your messaging and collaboration ecosystem Proofpoint Collab Protection extends phishing protection against malicious URLs delivered via any messaging, collaboration or social media platforms. Powered by our industry-leading Nexus Threat Intel, it provides real-time URL reputation inspection and analysis as well as the ability to block malicious URLs at click-time. As attackers\' tactics evolve, Collab Protection will use more parts of the Nexus detection ensemble over time. This will ensure that your users are protected anywhere, anytime from advanced phishing attacks. Protect people from malicious URLs Collab Protection is powered by our industry-leading threat intelligence. It inspects and analyzes the reputation of URLs in real-time, and it can block malicious URLs at click-time. Here\'s how it works. When an employee clicks on a suspicious link that\'s shared in a messaging or collaboration app, Collab Protection automatically evaluates how safe the link is. It does |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 119 2024 524 ability access accessed according account accuracy across acting activity actor actors adapting advanced affected against agnostic ahead alarming all also analysis analyzes another any anytime anywhere app application apps apps: are ask assume attack attackers attacks attributes automatically average avoid bad banking based battleground: because before being beyond block blocked blocks both breach brief business came can capabilities chain channels checking click clicked clicks closing collab collaboration colleagues companies compare comprehensive connect consequences content cost could create credentials cyber cyberattacks cybercriminals cycle data deemed defenses delivered delivering department desktop detect detection device digital direct distributed does doesn don download ecosystem efficacy email email: embracing emerging employee employees encourage enhance ensemble ensure entry evaluates even evidence evolve evolving example executive exploit exposure extend extends facebook fall faster forensics fortify fraudulent from gain gaps: harmful has have help helps here holistic how ibm identifies immediately impersonate includes increase industry information insights inspect inspection inspects instagram instant instead intel intelligence interacting internal invoice issue just launchpads leading learn learning level like link linkedin links looks malicious malware matter media messages messaging messenger method microsoft might million minimizes missing mobile more most multichannel multiple native need never new next nexus now observed only opportunity organization organizations other over parts past pay payloads payment payments people phishing pinpoints platforms platforms platforms: points portal powered pressuring prevalent prevents prey productivity proofpoint proofpoint protect protected protection protection provides protects provides quickly range reached real reasons report reputation requests research respond responses risk safe same secure secures security send sense sent several severe share shared showing single slack smishing sms snapchat social solution stages starters stay stop successfully surprise suspicious tactics take takeovers target targeting teams telling tend text than that them these they those threat threats three through time today tools tools track trust twitter/x typical unable unfortunately unifies unlike update urgency url urls urls use user users using variety verified verifying victims view visibility visibility vulnerable weaponize websites well went what whatsapp when where whether which who why wide will within without words works years your zoom zoom |
| Tags | Data Breach Malware Tool Threat Mobile |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.