PhishMe, the leading provider of security behaviour management services that improve employees’ resilience towards spear phishing, malware, and drive-by attacks, today announced the availability of its patent-pending Phish Reporter™, the first technology available to enterprises that aggregates and normalizes user-provided reports of suspicious emails. Phish Reporter is an Outlook Add-in that installs a button on the user’s toolbar, allowing them to report suspected phishing emails with the push of a button, and improve organizational detection and response time to threats.
Phish Reporter automatically discerns emails reported from PhishMe campaigns and emails reported from unknown sources, ensuring that only reports of potentially malicious emails are delivered to appropriate security staff. Phish Reporter collects reports of emails sent from PhishMe, noting which users reported them and sending the user acknowledgement of the successful report, thus completing the feedback loop and further enhancing employee capabilities. This information is tracked and integrated into PhishMe’s comprehensive reporting metrics. Reports of unknown emails are forwarded to a designated location where they can be analyzed by an organization’s internal security team.
With several industry research reports noting the prolonged periods between initial compromise and breach detection, the need for user reporting has never been greater. In its 2013 M-Trends report, Mandiant® noted that the median time attackers were present on a network before detection was 243 days. According to The 2013 Data Breach Investigations Report by Verizon, 66% of all breaches took “months or more” to discover. Phish Reporter organizes and streamlines the reporting process, which enables organizations to leverage this valuable, untapped resource – the human sensors. Information provided by user reports can help organizations reduce time and cost associated with threat detection.
“With the new Phish Reporter button, organizations can effectively turn their employees into spear-phishing sensors,” said Rohyt Belani, CEO and co-founder of PhishMe. “Many of our customers have successfully created an awareness culture in which employees can identify spear-phishing emails, but they lacked a fast, effective way to report these emails to the appropriate department within the organization. Phish Reporter will help fill this void.”
After implementing PhishMe’s Phish Reporter, organizations will be able to:
• Retrieve time-stamped entries of reported phishing emails
• Create in-depth incident reports showing reported phishing emails over an extended period of time
• Provide a process to filter between phishing emails from PhishMe and real phishing emails
• Gather specific information about potential attackers in a timely manner, thus reducing incident detection times and the cost of incident response.
“PhishMe has established a unique methodology for scoring a user’s ability to identify phishing attempts,” said Aaron Higbee, CTO and co-founder of PhishMe. “With each employee being a potential sensor, they can now become proactive contributors to the threat detection process and security teams can prioritize their analysis based a user’s scoring history.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.