Some phishing scams are obvious; it's why about 15% of all attacks are caught by default security. They use the traditional defenses of SPF/DKIM/DMARC to catch these relatively simple attacks.
But many phishing attempts are true zero-day campaigns; the hackers utilize a variety of techniques to get past default scanners, from SiteCloak to SLYKin to HTML attachments to utilizing Sway to thousands of others. There's a reason that one quarter of phishing emails bypass O365 security.
In order to catch the more advanced and sophisticated attacks, you need to leverage data and machine learning. All major email providers use machine learning—because of the amount of emails sent every day and the amount of data that creates, big data is needed to analyze all of it.
But not all machine learning is created equal. Machine learning relies on good data. Because Avanan sits inline, scanning emails after default security but before the inbox, we have a unique vantage point and a unique dataset that no other security vendor has. We have a dataset that's based on what others miss.
It's why we've developed a one-of-a-kind machine learning algorithm that analyzes over 300 (and growing) indicators of attack in each message. This is across every email component—headers, subject and body, links, attachments and the content itself. This is all part of our patented email security.
And because email doesn't exist in a vacuum, neither does Avanan. By deploying as an API app, Avanan can analyze all historical emails to determine the prior trust relationship between sender and receiver, applying both user and company-wide contextual analysis to catch malicious attacks.
The average victim of phishing clicks on the malicious link less than two minutes after it arrives in the inbox. Without our machine learning algorithm to stop the email before it gets into the inbox, thousands of end-users would be clicking on phishing links daily.
Is your email vendor leveraging the right data? It's time to take a closer look.