Malicious Phishing Protection Achieved with Bromium’s Application Isolation [video]
- Use Bromium to stop malicious phishing and safely open any shared web link from email or chat clients
- Eliminate restrictive IT security policies that limit user access to shared URLs
- Protect remote and roaming endpoints from malicious links when outside of layered defenses
The news isn’t good. Malicious phishing links in email and chat clients continue to slip past all defenses, leading to enterprise data breach, loss, and even destruction. This is despite advancements in anti-phishing techniques, steady improvements to secure email gateways, user awareness training, and phishing test performance.
These always-on pathways for cybercriminals and nation-state attackers rely on an end user’s predictable behavior to achieve the breach. Users tend to click on shared links quickly and with little thought. Because that’s what we do.
Phishing is an inexpensive way to wreak havoc.
Malicious phishing links delivered by email or chat clients are efficient, cost-effective, and always evolving. They are increasingly popular because they work so well, taking various forms, including:
- Phishing emails: When a user receives an email with a malicious link to a website hosting malware. Once the user visits the malicious website the malware is delivered to the endpoint via a drive-by downloads by exploiting specific browser vulnerabilities.
- Malicious links: in benign email attachments easily slip through layered defenses since nothing about the attachment triggers malware detection engines, leading to a drive-by download or browser exploit.
- Drive-by attacks: In a drive-by download attack, malware can be installed on an end user device without their consent. When the user visits the website exploit kits take advantage of known browser vulnerabilities to install malware on the endpoint.
- Watering-hole attacks: An attacker infects a website that is commonly used by the target. For example, an attacker may be targeting a specific organization. Through research, the attacker knows about a common website that employees visit. Malware is delivered to the target employee when the employee from the target company visits the website.
- Malvertising: Attackers use web advertising to distribute malware. The malware is delivered to victim machine via known browser vulnerabilities.
- Chat clients: Whether delivered intentionally or inadvertently (like posting a link to a “Joke of the Day” website), shared links to external websites can contain compromised pages leading to browser exploits.
Bromium uses isolations instead of detection and site categorization and eliminates remediation by containing browser-borne threats, keeping them away from the host using virtualization-based security.
Get the report: Security Current CISOs Recommend Endpoint Security
With Bromium Secure Browsing for Chrome, Firefox, and Internet Explorer, tasks run on the host machine transparently, inside micro-virtual machines—not remote, sanitized stream renderings of isolated content—with fast and familiar performance, full usability, and support for all rich media web formats.
Using hardware-enforced isolation, each browser tab runs in its own secure container. Web threats delivered through the browsers are completely isolated from the host—and from all other browser tabs to prevent cross-contamination—so that the threat physically has no place to go.
When the browser tab is closed, the threat is terminated along with the micro-VM. The full malware kill chain is sent to the Bromium Controller and shared with all other Bromium devices on that customer’s network via the Bromium Sensor Network, further hardening the infrastructure and reducing the overall attack surface.
Get immediate value from micro-virtualization and put an end to malicious phishing attacks once and for all. Contact us to see how to add Bromium to your security stack.