Supported platform version:
The Spear Phishing App is designed to orchestrate and optimize the organization’s security tools to conduct detection, investigation and mitigation operations against email fraud campaigns targeted at individual users, which can result in confidential user information theft, as well as compromise of integrity and availability.
Spear phishing is only an initial step in multi-stage targeted attacks. The Spear Phishing App identifies different indicators of the threat such as email spoofing, dynamic URLs and drive by downloads. In order to validate the nature of the threat, the Spear Phishing App investigates further stages such as malware communication (C2) based on the platform’s Intrusion Detection System and reputation services, binary download and more. The Spear Phishing App uses the platform’s mitigation service to disable malicious communication and break the chain of attack.