ADVANCED THREAT PROTECTION

Growing threats from ransomware, CEO fraud and digital espionage – Advanced Threat Protection effectively protects your business from cyber attacks.

Protection from ransomware

Emotet, Trickbot, GandCrab – Malware is increasingly finding its way into the email inbox of companies and organizations. CEO fraud, forged invoices and fake application emails are the most common methods used by cybercriminals to smuggle malware into corporate systems. Important files are encrypted, sensitive information is copied or confidential business transactions are monitored. Ransomware, spyware and viruses manipulate or damage operational and production processes, which can cause considerable (financial) damage to the companies targeted. With the comprehensive features of Advanced Threat Protection, even the most sophisticated cyber attacks have no chance.

Advanced Threat Protection

Growing threats from ransomware, CEO fraud and digital espionage – Advanced Threat Protection effectively protects your business from cyber attacks

Advanced Threat Protection

Emotet, Trickbot, GandCrab – Malware is increasingly finding its way into the email inbox of companies and organizations. CEO fraud, forged invoices and fake application emails are the most common methods used by cybercriminals to smuggle malware into corporate systems. Important files are encrypted, sensitive information is copied or confidential business transactions are monitored. Ransomware, spyware and viruses manipulate or damage operational and production processes, which can cause considerable (financial) damage to the companies targeted. With the comprehensive features of Advanced Threat Protection, even the most sophisticated cyber attacks have no chance.

Advanced Threat Protection protects your email traffic from insidious cyber attacks

Protection against blended attacks

Blended attacks use different types of malware at the same time. Viruses, spyware, spam and phishing are combined in one email attack.

 

This blending of attack methods and penetration of different vulnerabilities makes cyber attacks even more complex and difficult to detect.

The new ATP feature: Malicious Document Decryption

The current cyber danger situation is critical: hackers are increasingly using encrypted email attachments to infiltrate corporate systems with malware.

Classic anti-virus programs cannot detect the malware hidden by this encryption. Malicious Document Decryption adds another essential feature to Advanced Threat Protection:

encrypted email attachments are decrypted using appropriate text modules within an email. The decrypted document is then subjected to an in-depth virus scan. This keeps your mailbox safe even from this advanced threat.

Malware Transmitting Ways

%

Significant sales losses

%

Bankruptcy

Increasing threat from ransomware

Ransomware is one of the most popular methods of cyber crime when it comes to making big profits and causing immense (financial) damage to the victims. If the blackmailer’s software enters a company system, all sensitive and confidential files are encrypted and are only released for a ransom in the form of Bitcoins. But there can be no certainty that the files will actually be released after payment has been made.

Hackers’ favorite targets are large companies and government institutions, as well as critical infrastructures. In the worst case scenario, an attack could lead to insolvency. But considerable sales losses are also among the possible effects.

A strong alliance against all methods of attack

The variety of attack vectors means that the defense mechanisms must be able to cope with a multitude of methods in order to ward off all eventualities. Hornetsecurity therefore uses freezing, URL scanning, rewriting and sandboxing to keep threats away from the IT infrastructure.

Comprehensive risk analyses with Sandbox Engine: Dangerous types of malware
 

Dangerous types of malware such as Emotet, Hancinator and Trickbot often hide behind file attachments in emails and therefore remain undetected at first. However, as soon as an infected document is opened, the malware enters a company’s system and can cause millions of dollars of damage. The Sandbox Engine scans email attachments for potential malware by running the file in a virtual, isolated test environment and identifying any potentially harmful effects.

 

If the document sent turns out to be malware, the emails are quarantined directly and the company’s IT security team is notified.

Freezing is the safe option

Emails that cannot be classified definitively straight away but are suspicious are held back for a short time by freezing them. The email is re-scanned – as soon as the virus detection engines get a hit, the email is moved directly into quarantine. Ransomware, blended attacks and phishing attacks will never get into your email inbox again!

URL Rewriting

Security with every click with URL rewriting URL rewriting secures all Internet access from emails via the Web Filter Engine. When you click on a link in an email, it is replaced by a secure URL. The user is then forwarded to the secured website via the Hornetsecurity web filter. The websites leading from the target page are also secured by URL rewriting.

This means that no malicious code can be downloaded to the computer unnoticed. Downloads from the web are also analyzed via the Sandbox Engine, which immediately aborts the download when malware is detected.

No getting through for harmful links thanks to URL scanning

Documents attached to an email (e.g. PDF, Microsoft Office) often contain further links. However, these cannot be replaced as this would violate the integrity of the document. The URL scanning engine leaves the document in its original form and only checks the target of these links to rule out possible malware damage and prevent phishing attacks.

Real-time alerts

Hornetsecurity Real Time Alerts notify your IT security teams in real time about acute attacks on your company. This up-to-date information can be used directly by the company for countermeasures, so that you can close your security loopholes in the shortest possible time and set up additional protective measures.

Ex-Post Alerts
Advanced Threat Protection With the ex-post alert, your IT security team receives an automatic notification if an email that has already been delivered is subsequently classified as malicious. You will receive a detailed evaluation of the attack so that you can immediately initiate measures such as checking systems and raising the awareness of your own employees.

If a virus or infected link is detected in ATP analysis tools such as the Sandbox Engine or URL scanning, the system automatically sends an alert. In addition, the administrator is informed about the attempted intrusion into the IT structures. This alert contains detailed information about the type and extent of the attack.

Advanced Threat Protection

Protection against CEO fraud – Targeted Fraud Forensics gives social engineering no chance

The human in front of the PC is still considered one of the biggest security loopholes in a system, and cybercriminals are well aware of this, too. Hackers exploit this vulnerability through personalized attacks such as CEO fraud and spear phishing. Advanced Threat Protection uses innovative detection mechanisms such as spy-out detection, fraud attempt analysis and intention spoofing recognition to detect and prevent targeted social engineering attacks on employees. For this purpose, incoming emails are examined for certain content patterns that indicate malicious intentions. This includes, for example, payment requests or requests for data output.

Targeted Fraud Forensics includes the following intelligent detection mechanisms

Fraud Attempt Analysis

Checks the authenticity and integrity of metadata and mail content.

Identity Spoofing Recognition

Detection and blocking of forged sender identities.

Intention Recognition System

Alerting to content patterns that suggest malicious intent.

Spy-Out Detection

Defense against espionage attacks to obtain sensitive information.

Feign Facts Identification

Identity-independent content analysis to identify messages that attempt to induce the recipient to take action by putting forward fictitious facts.

Targeted Attack Detection

Detection of targeted attacks on individuals who are particularly at risk.

Tips for identifying malicious emails

Professional cyber attacks via email are very difficult to detect, but there are a few clues for detecting fraud. First of all, if a fraudulent email is suspected, it should be verified whether the sender address actually matches the original domain. Consider carefully whether the sender is really an acquaintance or business partner of yours or whether the email address only resembles that of the actual person. Also check for spelling and grammar mistakes, especially if the email is supposed to come from a reputable company. A further clue is an impersonal form of address in the cover letter, such as “Dear Ladies and Gentlemen”. You should also be careful with links or buttons placed in emails, because as a “normal user” it is very difficult to check whether the supposed link target is actually correct. In case of suspicion it is safest not to click on any attached link.

Data - One of the most important resources of our time

Credit card information, travel information, passwords and access information, and personal details such as name and address are valuable pieces of information in our digital world. Hackers have set their sights specifically on either selling the data on the Darknet or using it for other purposes – for example, to harm companies deliberately. The attackers often use personal data for targeted attacks, since insider knowledge makes it difficult for employees to detect fraud and easier for the attackers to enter the company system.

Raising awareness of employees

Train your employees in the growing threat of cybercrime and the sometimes professional ways hackers operate, so they are careful about the information they publish about the company and where they publish it. Internal seminars can extend knowledge of how to deal with sensitive data such as passwords or credit cards. In addition, you should always introduce the four-eyes or even better six-eyes principle for payments and protect yourself in case of doubt with the client.

Integration of Advanced Threat Protection into the email management system

Hornetsecurity Advanced Threat Protection extends the filtering mechanisms for spam and malware protection.

 

Emails that have passed this initial check are subjected to further analysis by ATP.

 

Among other things, Advanced Threat Protection executes suspicious attachments and examines their behavior in detail.

Make a free and non-binding request for Advanced Threat Protection now!

Without payment information. Set up in a few minutes.

  • Select the number of email mailboxes you have in your company.
  • This field is for validation purposes and should be left unchanged.

Downloads

Data Sheet

Any questions?

These customers rely on the services of Hornetsecurity

Kunden Hornetsecurity Cloud Security E-Mail Security