Real-time analysis critical for detecting phishing threats

The latest analysis of phishing data from the Cyren Incident and Response team shows that 88 percent of evasive threats were detected using real-time techniques like machine learning.

Of the remainder six percent were found with proprietary threat intelligence or readily matched patterns from previous attacks, and the remaining six percent were suspicious messages that required human analysis to confirm the detection.

The team's analysis of nearly 20,000 email threats confirms that phishing continues to be the main attack that arrives in people's inboxes. Attackers are refining their tactics too, allowing them to automate attacks that would previously have required a high amount of manual effort.

Criminals are increasingly putting phishing URLs in JavaScript files to avoid traditional protection measures. Email subjects reference voice messages, shipments, invoices, password resets and other things to instill a sense of urgency and get recipients to open the attachment and visit a fake login page.

You can read more about the phishing attack landscape on the Cyren blog.

Image Credit: Maksim Kabakou / Shutterstock