Today the biggest risks that a consumer faces in internet are phishing and malware. There have been a number of high profile attacks on financial organizations as new kinds of threats have emerged resulting in increased number of attacks. A recent study by Gartner shows that 40% of all attacks by 2011 will be financially motivated Phishing attacks.
Similarly, Malware threats are growing rapidly. By infecting end users' computer systems a malware carries out malicious activities such as password stealing. To infect large number of users, malware authors place malicious code or links on websites trusted by them. More and more e-commerce and banking websites are being targeted by attackers causing financial losses and eroding customer trust.
Paladion Phishing & Malware Monitoring service aims at detecting such attacks early in their evolution, take timely response to prevent or minimize the potential damage that could be caused.
24X7X365 phishing attack detection and alert
- Track usage of bank's digital watermark
- Monitor web-server referrer logs
- Monitor report-abuse mailbox provided to customers
- Monitor anti-phishing forums
- Track new domain name registrations to detect any spoofed site being registered
- Web site analysis to track phishing sites
Rapid Incident Response
- Initiate take-down of the phishing site
- Feed fake user-id password to phishing site
- Identify customers who have been phished
- Coordination with law enforcement, CERT, ISP as needed
- Reduce/prevent financial loss from phishing attacks
- Higher trust for your customers since reputation is not affected by phishing attacks
- Meet regulatory and compliance requirements through evidence collection, coordination & reporting
- Availability of logs for legal action
Paladion's 24x7x365 Security Operations Center (SOC) is the backbone behind this unique, hybrid "Man-Machine" malware monitoring. It builds a safe baseline for publicly reachable pages while the scanning engine periodically spiders to check for deviations from the baseline. It also scans the website content with several popular anti-virus scanners.
- Automated scanning service backed with expert analysis.
- Paladion Scanning Portal for new enrollments, alert history and scanning status checks.
- Scanning using leading anti-virus software, changed occasionally based on market feedback.
- Signature updates checked every hour.
- Create website 'safe baseline' to detect malicious code/link additions.
- Advanced alert management—add known and valid changes to the baseline.
- Crisp, easy-to-understand summary reports with low false positives.
- Highly scalable architecture to scan thousands of websites and web pages.
- Email and SMS alerts on malware detection.