QR Code Email Phishing Attempt – How Harmony Helps
Pretty much all of the leading cyber security vendors agree that email is one of, if not the most targeted attack vectors.
In recent years, many organisations have taken advantage of moving their email platform from legacy on-prem to more modern cloud-native tools based predominantly on either Microsoft 365 or Google Workspace. This transition led to many organisations reviewing their cyber security tooling that is in place for securing their email, as the more modern offering also provided some feature sets that can provide good basic email security, especially with regards to standard SPAM filtering.
We now see organisations that have completed that transition are finding that their email security protections are reduced and that some of the more sophisticated phishing and impersonation attacks are now getting through.
SEP2 have partnered with Check Point since we started the organisation, both our CEO Paul Starr and I have worked with Check Point for 15+ years each. When the Check Point CloudGuard SaaS platform was first released, and more recently as the evolution of that being the Check Point Harmony Email platform, we knew that they would be providing only the best email security.
We’re proud to say that we “eat our own dogfood” and use the Check Point Harmony Email platform ourselves. If you’ve been on the receiving end of a Harmony Email demonstration from me, you will know that as I use our tenant to give the demo. No better way of demonstrating to our customers how the system work in my opinion!
This last week we’ve seen a further evolution in advanced targeting phishing which many of the inbuilt email security tools aren’t aware of and are therefore allowing into a user’s inbox.
A very well-crafted email impersonating a DocuSign e-signature request, with a QR code embedded with the directive to “Scan the QR code to access the shared document”.
A built-in security tool allowed this through, but the Check Point Harmony Email platform actually understood that what the QR code is, decoded it, found that it linked to a URL shortening site as a further layer of obfuscation, followed that through to where it was actually taking you, and found a drive by download of malware as well as a credential harvesting page.
This is yet further proof that although there are savings to be had and efficiencies in not running the complicated Exchange email platform in house, taking just the vendor supplied tooling for email protection isn’t enough, you need a dedicated cyber security provider as well to give you peace of mind that your users are safe.
The attackers are only getting smarter, and it only takes one misstep by a user to bring things crashing down.
If you’d like a demo of the Check Point Harmony Email platform, or would like a 14 day trial, please get in touch and we can get that arranged.