THE 2024 STATE OF PHISHING REPORT IS PUBLISHED!  READ THE REPORT HERE

Attack Vectors

Preventing Evasion Attacks with Perception Point

Evasion techniques are as common as there are cybersecurity attacks. Even the least sophisticated attackers are able to use them with great success. By simply using new file types, a chain of links, or “IF” mechanisms, they easily bypass existing solutions.

 

Until today, uncovering, identifying, and preventing such techniques was almost impossible – it took too much time, technology and money. Perception Point’s proprietary engines have changed this reality. See how below.

Book a Demo
horizontal platform evasion spear phishing

Defense Evasion Techniques:
No More Plain Attacks

The threat landscape of content-based attacks has undergone major shifts in every manner: volume, sophistication, and diversity. Not too long ago, the attacker would use simple files (including even executables) and links to reach end-users and create havoc. However, cybersecurity vendors have come up with several solution to block such attempts, including using policies and blacklists.

 

The problem? Attackers have developed new ways to evade these mechanisms. For example, the attacker can host the malicious file in a cloud storage platform, such as OneDrive or Google Drive, and send a message with the link to the file. The link itself is clean so the legacy solution would not block the message and the end user will end up downloading the malicious content. Another example is the use of “Sleepers” – attackers insert internal stalling mechanisms that a sandbox can’t observe, ensuring the malicious payload will take action only when facing real end-users.

multi layers platform spear phishing

The Evasion Kill Chain

graphic of a square

Step 1

Target Acquisition

The attacker gathers intelligence on the target, focusing on the cybersecurity technology used.

graphic of a flower

Step 2

Weaponize

The attacker creates the core payload to be sent to the target.
scissors and comb spear phishing

Step 3

Grooming & Evasion

The attacker chooses the best evasion technique to bypass the target’s lines
of defense.

page on computer spear phishing

Step 4

Delivery

The attacker chooses the best channel for sending the malicious payload.
skull icon going into a box

Step 5

Execution

The attacker obtains confidential data or gains financially after successfully hitting the target user.

Our Evasion Detectors

Perception Point uses multiple static and dynamic-based algorithms to conduct deep content inspection, uncovering highly concealed attacks, in less than a second.

RECURSIVE UNPACKER
purple block spear phishing

Recursively scouts for files and URLs embedded within the email or attachments, extracts them, and scans them separately through our various detection engines. Ability to penetrate and uncover the most advanced hiding techniques.

VALIDATOR
three layers block bec
Unique algorithms run the same files and URLs in multiple versions and patterns to make sure the attack is not leveraging unseen evasion mechanisms.
Get a Demo

Our Advantages

Scanning 100% of Content

Once the attack is unpacked, each individual file, URL text or even smaller objects within the content, are scanned separately by multiple engines.

Multi-version Scanning

Content is scanned in various versions and types to ensure even unpatched software is not susceptible for the potential attack.

Extension of
Policies

Native capabilities allow to extend blocking policy in recursive manner (e.g. blocking .exe file archived in a .rar file or hidden behind a Dropbox folder or URL).

Light Speed
Discovery

Hidden techniques are uncovered in matter of a fraction of a second to ensure prevention of attacks.

Ongoing Research

A dedicated team of cyber experts analyzes traffic and “in-the-wild” content to ensure all algorithms are up to date on a daily basis.

Deployment-
ready

Deployed in one-click, creating zero fuss to you and your IT team.
Get a Demo

See Perception Point in action!

Fill out the form and get a personalized demo of Perception Point.  We’ll send you a link to book a demo with our sales reps within one (1) business day.

Learn More

Rewriting Hysteria: Rising Abuse of URL Rewriting in Phishing

In recent months, threat actors have discovered a troubling new method to exploit URL rewriting, a feature intended to protect users by replacing links in emails. By manipulating these rewritten URLs, attackers mask highly evasive phishing links behind trusted domains of security vendors, effectively bypassing detection. This abuse has led to a critical surge in advanced phishing attacks that leverage the very tools developed to prevent them.
learn MORE

Phishing by Design: Two-Step Attacks Using Microsoft Visio Files

Perception Point’s researchers have uncovered a new type of two-step phishing attack leveraging Microsoft Visio files (.vsdx) and SharePoint. These attacks embed malicious URLs in .vsdx format files to evade detection and steal credentials.
learn MORE

Evasive ZIP Concatenation: Trojan Targets Windows Users

learn MORE

You’re Invited: Rampant Phishing Abuses Eventbrite

In a new Eventbrite phishing campaign, threat actors misuse Eventbrite’s services to steal financial or personal information.
learn MORE

NIS 2 Directive: Key Facts Every Organization Needs to Know

Discover how the NIS 2 Directive will impact businesses across the EU, with stricter reporting requirements, expanded scope, and significant penalties. Learn how Perception Point helps organizations ensure compliance.
learn MORE

You Don’t Need an Agent to Secure Your Browser

Securing the browser has become more critical than ever, leading to the rise of browser security solutions. These solutions enhance the browser’s security capabilities, offering protection against phishing, malware, risky extensions, and more.
learn MORE
Our blog

AI-powered cybersecurity to protect the modern workspace

Request Demo

© 2024 Perception Point Inc. All rights reserved.