Human, Artificial, and Email Attack Intelligence: Why You Need All Three

June 22, 2022

By Cofense

It’s a staggering statistic: 50% of all email phishing attacks, including business email compromise (BEC) and credential theft, evade secure email gateways (SEGs). Yes, your SEG misses half of all advanced email attacks targeting your organization.

While credentials are appealing for threat actors, their end goal is far more nefarious – to compromise your business’s crown jewels such as customers' personal identifiable information (PII) and confidential intellectual property (IP). To protect their valuable assets, organizations must deploy an intelligence-driven solution to counteract phishing attacks, which make up 91% of all cyberattacks.1 With this approach, organizations gain the upper hand against threat actors by proactively identifying trends, predicting threats, and preventing attacks. However, a solution is only as effective as the intelligence that powers it. New attacks and tactics are developed every day and organizations need insights from multiple sources to identify the latest campaigns.

Cofense enables organizations to detect and respond to email phishing attacks evading traditional email security controls with a comprehensive platform powered by a combination of unique intelligence sources: human intelligence, artificial intelligence, and email attack intelligence. Each of these sources, deployed through various products in the Phishing Detection and Response (PDR) platform, provides an important and necessary view into active phishing campaigns.

  • Human Intelligence is derived from a network effect of over 32 million reporters worldwide reporting real phish reaching their inboxes. More than 50% of attacks reported to the Cofense Phishing Defense Center (PDC) were reported in another PDC customer’s environment first, immediately arming the organization with the necessary indicators of compromise (IOCs) to stop the attack.
  • Artificial Intelligence comes from patent-pending “computer vision” technology deployed in Cofense Protect that reads emails as a human does and identifies if they are malicious. Of the threats identified by computer vision, 88% have never been seen before, enabling organizations deploying Protect in their environments to catch the newest attacks almost instantly.
  • Email Attack Intelligence, obtained from multiple sources, vets every single IOC distributed by Cofense. Our team of analysts reviews every IOC from our human and artificial intelligence sources, with customers experiencing - as they've told us - a “99.9% credibility rate.”

This unique combination of intelligence provides an unsurpassed source of insights into phishing campaigns and powers our comprehensive platform to automatically identify and remove recently developed attacks, even if they haven't been reported. In essence, Cofense sees threats that SEGs don't.

Threat actors continuously evolve their tactics to bypass existing email security. To fully enable your SOC and mature from a reactive to proactive security posture, it’s imperative to deploy a solution powered by relevant data that evolves in real-time to identify the next attack before it strikes your organization. Data is only as relevant as its sources, and organizations evaluating email security solutions should ask vendors to talk about how they power their technology. Data should derive from relevant, dynamic, and distributable sources to ensure the solution evolves with the threat landscape and remains effective.

Cofense’s unique and relevant data ticks these boxes and fuels a cohesive solution that evolves your email security posture to stay ahead of the ever-changing threat landscape. Ask us how we can help your enterprise. Contact us today.

1 Deloitte, January 9, 2020: "91% of all cyber attacks begin with a phishing email," https://www2.deloitte.com/my/en/pages/risk/articles/91-percent-of-all-cyber-attacks-begin-with-a-phishing-email-to-an-unexpected-victim.html.

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats. Past performance is not indicative of future results. 

The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.