Everyone’s on the lookout for phishing emails today (or if they’re not, they should be). Some people are on high alert and are really good at spotting them. Are you?
What if you received an email that you were convinced was a phishing email, with all the telltale signs, but it wasn’t? That’s exactly what happened to customers of TriNet, one of the largest outsourced human resources providers in the United States, primarily for small-to-medium-sized businesses.
TriNet sent an email to their customers’ remote employees and unintentionally crafted the email in such a way that it looked very much like a phishing email. So much so, that most experts who looked at it could not be sure it was 100% safe.
According to the employees at TechCrunch who analyzed the email, “There were more red flags than we could count.” From an article on SC Magazine, the red flags included the following:
- The TriNet logo in the email was hosted on the image-hosting site Imgur instead of the company’s own website – a trick spammers use to avoid detection.
- The email contained a link to a web page with an entirely different domain than TriNet’s home page, and with minimal content or imagery to suggest that the page was even affiliated with TriNet. This made it seem as if users were being rerouted in a DNS hijack attack.
- A subdomain used in the email had been set only weeks earlier, suggesting that a malicious actor may have recently registered the URL in order to launch a new campaign.
- TriNet reportedly does not enforce the DMARC policy on its domain name, which would make it easy for hackers to spoof the company’s emails and create something that looked similar to the email in question.
When it comes to phishing, we ask a really important question: how do we keep the phishing emails out? But, now we have another important question: how do we simultaneously make sure we let the non-phishing email through, even when they look suspicious? It just so happens that the answer to both questions is the same. With phishing prevention software.
Cloud-based phishing prevention software, like that from Phish Protection, is designed to keep phishing emails out of inboxes. And even in cases where phishing emails get through, Phish Protection renders them harmless with real-time link click protection.
Phish Protection works by looking at the underlying code of the email, as well as the underlying code and reputation of every domain a link in that email points to. In doing so, not only does it identify phishing sites, but as a byproduct of its investigation, it lets non-phishing email through, even when they look suspicious.
You could say Phish Protection provides two services: it doesn’t get fooled by phishing emails and it doesn’t get fooled by suspicious non-phishing emails.
When you’re ready to protect your employees from phishing emails while simultaneously giving them the confidence that emails in their inbox are safe no matter what, head on over to PhishProtection.com
Phish Protection works with all email providers, sets up in minutes, comes with 24/7 live technical support and only costs pennies per employee per month. Try it for free for 30 days.