KnowBe4 has launched a new feature to its PhishER product called PhishRIP, which helps security professionals remove, inoculate and protect against email threats faster.
Technical controls do not filter out all of the malicious emails that come into a user’s inbox. Various research has shown that phishing, spam and malware attachments still make it through email filters. Mimecast notes filters are missing 12% of unwanted emails.
According to research by the University of Plymouth in the UK, 75% without links and 64% with links of potential phishing messages made it into inboxes and were not in any way labelled to highlight them as spam or suspicious.
An organization’s users report suspicious emails using the KnowBe4 Phish Alert Button (PAB), and those messages are sent to PhishER to be categorized as clean, spam or threat based on configuration settings. From there, PhishRIP looks at any user-reported message in PhishER and searches and optionally quarantines similar messages across all the users’ inboxes within an organization. Any messages found are then ready for further analysis, quarantine or permanent deletion by the incident response team.
“No matter what percentage of malicious emails get through to users’ inboxes, you have to remember that it only takes one wrong click to potentially compromise an entire organization,” says Stu Sjouwerman, CEO of KnowBe4. “This new feature makes targeting large phishing campaigns much easier by identifying and removing suspicious emails from users’ inboxes, even if they haven’t been reported through the use of the PAB.
Especially during a time when IT departments are being overwhelmed with extra work and risks due to users working from home, it’s critical to help security professionals to automate some of their processes and identify threats faster.”