Wombat enhances PhishPatrol, the anti-phishing email filter

HITBSecConf2019 - The 10the annual HITB Security Conference in The Netherlands - Trainings, Conference track and Haxpo exhibition. Register now.

Wombat Security Technologies released a new version of PhishPatrol, an e-mail filter designed to strengthen a business’s current filtering system by catching phishing emails missed by leading anti-spam/anti-virus software.

Tests have shown that PhishPatrol catches many of the targeted phishing (“spear phishing”) attacks, including many zero-hour attacks that would otherwise go undetected by leading anti-spam/anti-virus filters. These results are made possible by predictive technology initially developed by Wombat’s co-founders at Carnegie Mellon University. This technology has been further enhanced to combine multiple layers of analysis that look at each email from a number of complementary perspectives.

Industry analysts have recognized the need for organizations to focus on identifying and filtering out phishing emails given the significant and growing costs of these attacks. PhishPatrol is designed to enhance an organization’s existing anti-spam and anti-virus filters by leveraging a multi-layered approach.

Each layer analyzes emails based upon a number of contextual attributes which range from structural email elements, linguistic features, and reputation mechanisms that in combination are very effective at identifying a full range of phishing attacks. The latest release of PhishPatrol also incorporates a new user interface that enables administrators to easily configure the product and view detailed reports and statistics.

“Current high-profile attacks on government and private sector organizations demonstrate that existing e-mail filters continue to miss a large percentage of phishing emails,” said Wombat’s President & CEO, Joe Ferrara. “In particular, research shows that these filters have a really hard time catching customized spear phishing attacks aimed at smaller groups of employees. Yet, these attacks are often the most successful and the most damaging.”

Today’s leading anti-spam/anti-virus filters fail to catch many phishing emails because they continue to rely primarily on manually maintained “blacklists” and email signatures. These blacklists and email signatures are generally known to be hours, if not days, behind.

“Research shows that 50 percent of users who fall for phishing attacks read their email within 2 hours from the time it reaches their inbox and this percentage reaches 90 percent within 8 hours”, said Dr. Norman Sadeh, Wombat’s co-founder and Chief Scientist. Therefore, a lag of even just a few hours can have devastating consequences for users.”