Attack Vectors

Account Takeover (ATO) & Lateral Phishing

Amongst the toughest to detect, and the most devastating, account takeover (ATO),  occurs when a cyber attacker gains control of a legitimate account, e.g., your business email or company’s bank accounts, to defraud other employees, customers or partners. Account takeovers are on the rise. Sophisticated attackers understand that once they gain access to one of your employees’ credentials they can “land and expand,” causing unprecedented damages.


Until today, scanning internal emails was problematic and caused significant delays in email delivery or damaged the links/files. Perception Point’s technology solves these problems.

Account Takeover (ATO) & Lateral Phishing Challenges

Today, once attackers get a foot in the door and obtain credentials for authenticated access to your mailbox, they can do whatever they like – literally! They can spread malware, deliver malicious links, and even obtain personal data or financial gains.


By neglecting the intradomain email space, companies remain exposed to sophisticated attackers that have already passed the front lines of defenses.

multi layers platform ato

The Account Takeover (ATO) & Lateral Phishing Kill Chain

Step 1

Credential Theft

Intruder obtains legitimate log-in credentials of the targeted account via phishing, social-engineering, or any other collaboration channel.

Step 2

Reconnaissance and Weaponization

Intruder explores the email inbox to understand which communications the user has already been evolved in and look for an opportunity to take advantage of.

Step 3


Intruder sends malicious emails to different employees in the organization, spreading files or URLs until another user takes the bait.

Step 4


Intruder obtains confidential data or financial gains from wrongful actions of the targeted users.

Max Prevention. Zero Intervention.

Perception Point protects against ATO and lateral phishing attacks by preventing the attacker from “landing” in your organization and/or “expanding” across your users.

Account Takeover (ATO) Prevention

Designated, unique engines work to prevent any attempt to phish credentials from each channel protected by Perception Point.

Recursive Unpacker
Unpacks the most deeply embedded phishing attacks, even if highly concealed by the attacker.
Image-recognition engine
Proprietary engine uses advanced image recognition algorithms to validate if any URL is a legitimate site.

Lateral Phishing

We invented a new way to intercept intradomain attacks, without compromising on user experience. Applying 7 layers of defense, Perception Point is able to prevent any attack from expanding across your protected channels.
URL Reputation
Incorporates data from the four top URL reputation engines monitoring global traffic for phishing attempts.

Dynamically scan files and URLs without tampering the content. Unlike other engines (e.g. sandboxes), the HAP provides verdict within seconds.

Our Advantages

Complete Advanced Threat Detection

Static and dynamic-based engines work together to prevent any type of external or lateral email threat, including malware, phishing, impersonation and unknown threats.


Providing ultimate detection without compromising on content functionality, allowing your employees to collaborate and create together safely.

Enhanced Line of Defense

Creating an additional obstacle in the way of sophisticated attackers from gaining financial benefits. Internal email scanning enhances your overall network protection as it identifies threats even if they passed the first lines of defense of other entry points.

Business‑supporting Speed

Scanning external and internal emails without causing critical delays to your ongoing operations, effectively encouraging users to share content is protected channels, such as email (vs. private apps for example), and providing your security full visibility and control.


Whether your employees share huge files or multiple URLs – Perception Point will scan it. Cloud-native approach allows the platform to support any amount of data, on every single moment.


Like our Advanced Email Security solution, the Advanced Internal Email Security product is deployed in one-click, creating zero fuss to you and your IT team.


Ready to Try
Perception Point?

Learn More