Attack Vectors

Account Takeover (ATO) & Lateral Phishing

Amongst the toughest to detect, and the most devastating, account takeover (ATO), occurs when a cyber attacker gains control of a legitimate account, e.g., your business email or company’s bank accounts, to defraud other employees, customers or partners. Account takeovers are on the rise. Sophisticated attackers understand that once they gain access to one of your employees’ credentials they can “land and expand,” causing unprecedented damages.

Until today, scanning internal emails was problematic and caused significant delays in email delivery or damaged the links/files. Perception Point’s technology solves these problems.

Account Takeover (ATO) & Lateral Phishing Challenges

Today, once attackers get a foot in the door and obtain credentials for authenticated access to your mailbox, they can do whatever they like – literally! They can spread malware, deliver malicious links, and even obtain personal data or financial gains.

By neglecting the intradomain email space, companies remain exposed to sophisticated attackers that have already passed the front lines of defenses.

The Account Takeover (ATO) & Lateral Phishing Kill Chain

Step 1

Credential Theft

Intruder obtains legitimate log-in credentials of the targeted account via phishing, social-engineering, or any other collaboration channel.

Step 2

Reconnaissance and Weaponization

Intruder explores the email inbox to understand which communications the user has already been evolved in and look for an opportunity to take advantage of.

Step 3

Delivery

Intruder sends malicious emails to different employees in the organization, spreading files or URLs until another user takes the bait.

Step 4

Result

Intruder obtains confidential data or financial gains from wrongful actions of the targeted users.

Max Prevention. Zero Intervention.

Perception Point protects against ATO and lateral phishing attacks by preventing the attacker from “landing” in your organization and/or “expanding” across your users.

Account Takeover (ATO) Prevention

Designated, unique engines work to prevent any attempt to phish credentials from each channel protected by Perception Point.

Recursive Unpacker

Unpacks the most deeply embedded phishing attacks, even if highly concealed by the attacker.

Image-recognition engine

Proprietary engine uses advanced image recognition algorithms to validate if any URL is a legitimate site.

Lateral Phishing

We invented a new way to intercept intradomain attacks, without compromising on user experience. Applying 7 layers of defense, Perception Point is able to prevent any attack from expanding across your protected channels.

URL Reputation

Incorporates data from the four top URL reputation engines monitoring global traffic for phishing attempts.

HAP

Dynamically scan files and URLs without tampering the content. Unlike other engines (e.g. sandboxes), the HAP provides verdict within seconds.

Our Advantages

Complete Advanced Threat Detection

Static and dynamic-based engines work together to prevent any type of external or lateral email threat, including malware, phishing, impersonation and unknown threats.

Maximum
Usability

Providing ultimate detection without compromising on content functionality, allowing your employees to collaborate and create together safely.

Enhanced Line of Defense

Creating an additional obstacle in the way of sophisticated attackers from gaining financial benefits. Internal email scanning enhances your overall network protection as it identifies threats even if they passed the first lines of defense of other entry points.

Business‑supporting Speed

Scanning external and internal emails without causing critical delays to your ongoing operations, effectively encouraging users to share content is protected channels, such as email (vs. private apps for example), and providing your security full visibility and control.

Unlimited
Scale

Whether your employees share huge files or multiple URLs – Perception Point will scan it. Cloud-native approach allows the platform to support any amount of data, on every single moment.

Deployment
Ready

Like our Advanced Email Security solution, the Advanced Internal Email Security product is deployed in one-click, creating zero fuss to you and your IT team.

TALK TO SALES

Ready to Try
Perception Point?

Learn More

5 Key Takeaways from the 2021 Gartner Market Guide for Email Security

In this blog post, we cover the main takeaways from the 2021 Market Guide for Email Security Report by Gartner, and how security leaders can make an impact on their organization’s security posture by taking a deeper look at their email security provider.

Perception Point Researchers Discover Two MacOS Sandbox Escape Zero-Days

The published sandbox escape zero-days, recently patched by Apple, can fully compromise victims when used in an exploit chain.

Perception Point Launches Free Advanced Email Security Service, Strengthening Enterprise Protection Against Multiple Attack Vectors

The Perception Point Free Plan, with no limit on number of users, scale and time, allows quick interception of advanced threats missed by other services

The (Yet) Unsolved Problem of Email Security

The number of cyberattacks is dramatically on the rise, the majority originating via email. Unfortunately many security leaders have just accepted this reality as fact. This blog discusses how you can evaluate whether you have the right email security solution to get the job done.

Perception Point Recognized in 2021 Gartner Market Guide for Email Security Report for Third Year in a Row

Listed as a Representative Vendor in the Integrated Cloud Email Security (ICES), the report included three of Perception Point’s offerings: Advanced Email Security, Advanced Internal Email Security, and the Advanced Collaboration Security solutions.

Virtual Event: How did the bad guys get in? Attack vectors in the modern enterprise

Have you ever wondered how you were hacked? In this meetup, Perception Point will discuss the latest attack vectors that cybercriminals are employing to breach organizations. We will cover various techniques used through the email channel, cloud collaboration channels including Box, Dropbox, OneDrive, and Google Drive and perimeter breaches – diving into the attack kill chains.

Account Takeover (ATO) & Lateral Phishing