Anti-Phishing Cybersecurity Featured Technology

VIDEOS

Video: Visual Phishing Detection Explained

See Transcript

[00:00:02.870]
Hi, I’m Alessandro Prest, CTO at VISUA. We are the Visual-AI people delivering enterprise grade computer vision solutions for a wide range of use cases and chosen by some of the world’s leading companies.

[00:00:15.090]
We were recently drawn into the world of cybersecurity because of the exponentially growing challenge in phishing, brand spoofing and the weaponization of graphics.

[00:00:24.990]
These graphical attack vectors have a dual purpose; to confuse and build trust in victims receiving them, and also to actively evade detection by the platforms seeking to block them. And they are working.

[00:00:39.130]
This short video highlights how Visual-AI technology adds an essential layer to your platform, allowing you to block these threats.

[00:00:47.750]
Traditional programmatic analysis, whether signature or AI based, simply cannot detect these types of attacks, and that’s where Visual-AI steps in. That’s why VISUA developed the simple and effective solution that is now in the field and helping phishing detection platforms to detect and block more malicious attacks than previously possible.

[00:01:12.060]
It’s important to note that our visual threat hunting stack doesn’t replace what you already do, but it is an essential enhancement to your existing threat analysis because it adds visual telemetry via a range of critical visual signals. The end result is that you gain a more complete threat scoring mechanism that will allow you to catch malicious content that you would normally miss.

[00:01:38.100]
In other words, our Visual-AI can be integrated into your existing workflow quickly and easily via API. It can be deployed in the cloud or on-premise within your own network to avoid latency issues and maximize compliance. Importantly, our Visual-AI doesn’t require any blacklists or existing knowledge of threats, so it’s ideally suited to help identify zero day threats in both malicious emails and web pages.

[00:02:08.270]
So what does it do and why is it so effective? This is the crucial part we don’t apply our Visual-AI programmatically. In fact, we don’t look at any of the code related to the email or web page because that’s where bad actors plant their traps and place their disguises. Instead, we apply a three step process as follows.

[00:02:30.990]
One, the email or web page is fully rendered to a flattened image and sent to our engine.

[00:02:37.890]
Two, the image is processed and the various potential risks are flagged.

[00:02:43.350]
Three, the results are collated and sent back to your threat analysis triage engine for final threat scoring.

[00:02:51.180]
This three step process is so effective because we see what the bad actor wants the victim to see, which means all their trickery is laid bare and fully visible, but it works at machine speed so we can handle massive volumes without causing a bottleneck.

[00:03:08.340]
But the effectiveness of our visual threat hunting is also thanks to a precise combination and configuration of specific technologies as follows.

[00:03:18.290]
Firstly, our logo detection module allows us to detect the broadest range of brand spoofing attempts thanks to having the only unlimited and largest library of brands in the industry. But as bad actors evolved to use less well known brands, our logo detection allows you to respond immediately thanks to our instant logo learning capabilities.

[00:03:42.930]
This means you can detect any logo including all variants plus skewed, distorted and modified versions of a logo. But importantly it can also detect icons and marks so it can see favicons and padlock symbols as well as safety badges.

[00:03:59.150]
We apply our object detection to identify key elements that could pose a risk like forms, buttons and links. This is important because these elements are being converted into graphics, which can’t be seen and interpreted programmatically. One of the more recent additions is the detection of QR codes, which pose a particular risk to mobile users.

[00:04:21.590]
Next, our text detection module analyzes the text looking for words and phrases determined to pose a potential risk. Take this case as an example where the bad actor has a word with random letters which are stripped using JavaScript during browser rendering. You don’t see the word ‘payment’ but we do. Finally, our visual search module compares the rendered email or web page with known good and bad images in our library. This allows us to flag pixel-perfect and close match copies of the most popular login pages, payment pages et cetera.

[00:05:00.190]
So, if you’re challenged by brand, spoofing and graphical attack vectors and are currently investigating computer vision as a potential solution, then I invite you to test ours. You’ll discover that our built-for-purpose visual threat detection is the only one that can deliver the accuracy required and handle any scale. Thanks for watching.

 

In this short video, VISUA CTO and Co-Founder, Alessandro Prest explains how visual phishing detection works.

Bad actors are using every visual trick in the book to confuse victims and evade detection. From simple things like using brand logos in emails and web pages, to more advanced techniques, like converting key elements into graphics and splitting graphical elements into many fragments. Most recently, we’ve also seen a rise in the use of QR codes with malicious links embedded. Why is this trend so concerning?

According to APWG, phishing attacks reached the highest levels of all time in July 2021. It is also a measured and accepted fact that ~95% of all compromises began as a phishing threat. These are alarming facts in themselves, but scammers are ingenious and continue to adapt. When you begin to analyze the growing threat of brand spoofing, and the latest techniques for evading detection using graphics and other visual elements, there is no doubt that computer vision has a key part to play in helping increase detection rates when added to phishing detection workflows.

An effective computer vision solution can visually analyze the content in emails and web pages, giving important signals that cannot typically be detected programmatically.

Here, Alessandro explains why and how visual-AI can be applied to this challenge using example detections to illustrate its efficacy.

For more on computer vision and phishing detection, read our white paper which delves deeper into how visual-AI and phishing detection software can work together to make communications and data safer.

RELATED

BLOG BLOG
How Visual Search is Used in Anti-Phishing

Reading Time: 2 minutes Visual Search in Phishing Protection – an effective combination Visual search is a powerful piece of computer vision technology that can enhance […]

Anti-Phishing
BLOG BLOG
How Object Detection is Used in Anti-Phishing

Reading Time: 3 minutes Object Detection plays an important role in phishing protection We have discussed previously how logo detection and text detection work with anti-phishing […]

Anti-Phishing
BLOG BLOG
The European Digital Services Act – How it Affects you

Reading Time: 6 minutes TLDR: The European Digital Services Act has been ratified into law by the European Union and will have wide-ranging implications for companies […]

Content Moderation Featured

Trusted by the world's leading platforms, marketplaces and agencies

Integrate Visual-AI Into Your Platform

Seamlessly integrating our API is quick and easy, and if you have questions, there are real people here to help. So start today; complete the contact form and our team will get straight back to you.

  • This field is for validation purposes and should be left unchanged.