By Brandi Moore 

After a year like 2020, who isn’t looking for things to celebrate? February 2021 marked Cofense’s fifth anniversary of setting up our Phishing Defense Center (PDC) to deliver our Managed Phishing Detection and Response service.   We hope you enjoy, as much as we have, digging into the archives as we reminisce a little about the evolution of our managed phishing detection and response services.  

Most of our community might not know this, but the PDC story began in 2016 with one enterprise customer’s request to manage their Cofense Triage appliance. We didn’t realize our customer support inquiry would lead Cofense to stand up a global team of expert threat analysts, operating 24/7 and processing millions of reported emails each year. This one customer request literally shaped how we look at managed phishing detection and response today.

Five years and millions of processed reports later, the Cofense PDC team knows more about active phishing threats than everyone else. In fact, we are in the unique position to see what phish have made it into environments protected by the leading secure email gateways (SEG).  Unlike the SEG vendors who only see what’s in the environments they protect, we have visibility into multiple environmentand have the best, most complete, view of real phishing threats. 

And even more importantly, am proud to share that no customer using the PDC has experienced a breach in those five years. 

Again, I want to emphasize: In five years, no customer using the Cofense Phishing Defense Center has experienced a breach resulting from a phishing attack.

In our first five years, Cofense customers have reported millions of suspected phish. Phish that were found in environments protected by “secure” email gateways.  These reported phish have contributed to the largest pool of phishing threat intelligence data in the world. Customers using the PDC as their Managed Phishing Detection and Response service, rely on our expertise and access to millions of reported phishing emails.

In 2020 alone, the PDC analyzed millions of emails and found: 

  • 255,000 user-reported emails were malicious  
  • 57% were credential phish (45% of which were Microsoft-themed) 
  • 12% delivered malware from nearly one hundred unique malware families

What did we do with all of this phishing threat data? We delivered unparalleled identification and remediation to phishing attacks so our customers experienced relief by relying on our expertise. In the last month: 

  • 85% of customers had an attack automatically mitigated that hadn’t yet been reported to the SOC 
  • Phishing campaigns that targeted thousands of users inside an organization were identified and removed without the labor of analysis by the SOC team – this is part of the Managed Phishing Detection and Response service. 

Security operations teams are overwhelmed and, frankly, too busy to stay on top of rapidly changing phishing attack methods. The PDC analyzes suspected phishing emails identified by humans and immediately removes them from customers’ environments. It monitors the way threat actors tacticchange  so organizations don’t have toThe PDC is on the front lines of active phishing campaigns, leveraging attack data across our enterprise customers to react faster than any single organization can do on its own. This intelligence results in what we call “The Network Effect; when a phish is detected in one environment, other PDC customers benefit and are proactively protected. Often before a phishing attack is even reported.  

There are many examples of the Phishing Defense Center‘s unparalleled outcomes, but I want to point out one in particularLast year, the team stopped and removed an attack in less than 10 minutes.  

A phishing attack can do severe damage in a matter of minutesYour organization should be equipped to stop an attack just as fast. 

In 2016, the Phishing Defense Center was a small team delivering 8×5 supportToday, the PDC has evolved into five global phishing defense centers that support the largest organizations in the world fighting phishing attacks on a 24×7 basis. Our experts analyze reported emails and service the entire managedphishingdetectionandresponse process for customers all day, every day. We are incredibly grateful to our enterprise customers for their continued trust, feedback, requests and for inspiring us to keep innovating. Here’s to the next five years of helping organizations stop phishing attacks in their tracks (I am virtually toasting to all of you). 

Be sure to download our Annual State of Phishing Report for a review of the phishing landscape in 2020 and insights for 2021. If you’re interested in learning more about Managed Phishing Detection and Response service delivered by the Cofense PDC, get in touch with our team! 

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats. 
 The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc. Past performance is not indicative of future results.