Email threats get more sophisticated every year. Worrying percentages make it past your secure email gateway (SEG) and into your users’ inboxes while social engineering attacks increasingly target your high-risk users.
The 2023 Verizon Data Breach Investigations Report shows email alone is the highest cause of data breaches. Researchers at ArmorBlox recently reported that 56% of all attacks bypass your legacy security filters. The upshot? Legacy email security layers let these digital time bombs slip into the inboxes of your users.
Finally, it’s here. PhishER Plus - the most powerful anti-phishing protection available in the world. PhishER Plus is powered by a new, unique KnowBe4 global threat feed. This triple-validated phishing threat feed automatically blocks phishing attacks before they make it into your users’ inboxes using:
KnowBe4 sees things no one else can. Users report all the attacks that make it through every other filter out there. These in-the-wild threats are the most dangerous, real-time social engineering attacks at any given point in time.
PhishER Plus is available as a stand-alone product or upgrade option for current PhishER customers.
Global Blocklist - Blocklist entries of validated threats crowdsourced from 10+ million trained users are leveraged to automatically block matching new incoming messages from reaching your users’ inboxes. This continually updated threat feed is managed by KnowBe4 and syncs with your Microsoft 365 mail server.
Global PhishRIP - Messages that match an identified phishing threat other PhishER customers have "ripped" from their organization's mailboxes are then validated by the KnowBe4 Threat Research Lab. These messages are automatically quarantined by removing them from all of your users’ inboxes.
First, users report phishing threats. These are ingested by PhishER and then PhishML triages to identify clean emails from spam and threats.
The PhishER Admin then determines if threats should be added to their organization’s private blocklist.
KnowBe4’s Threat Research Lab then verifies each threat before adding it to the Global Blocklist.
The Global Blocklist syncs to the mail servers of PhishER Plus customers to block known threats before they can reach other organizations.
If a threat sneaks by before being added to the Global Blocklist, Global PhishRIP will remove and quarantine the message from all PhishER Plus customers' inboxes.
The Global Blocklist is similar to our existing private PhishER Blocklist feature, but powered by our unique crowdsourced threat feed to help your mail server prevent malicious or spam emails from reaching your users’ inboxes. Once a blocklist entry is flagged as a threat, the Global Blocklist automatically blocks new messages from making it through and continually syncs with your Microsoft 365 mail server.
KnowBe4’s Threat Research Lab compiles and analyzes data from all blocklist entries (BLEs) reported by PhishER admins around the globe to identify the most common BLEs and adds verified threats to the Global Blocklist. Additionally, any user-reported messages that organizations choose to share are validated by both human and AI-based analysis and added to the Global Blocklist.
Global PhishRIP identifies and quarantines messages from your users’ inboxes that match confirmed phishing threats reported by other PhishER customers and validated by KnowBe4's Threat Research Lab. You can use Global PhishRIP to remove email threats before they are spotted or reported within your organization. These “ticking time bombs” that already bypassed your defenses are then ready for further analysis or permanent deletion by your SOC or incident response team.
These email threats are quarantined based on crowdsourced PhishER data from KnowBe4 user-reported messages and validated organization-level PhishRIP queries. Once you enable this feature, Global PhishRIP will automatically set up PhishRIP queries so you can shut down active phishing attacks and preemptively "rip" new in-the-wild phishing attacks out of your users’ inboxes.
PhishER administrators analyze and review user-reported messages, add them to their private Blocklist and create PhishRIP queries, which is then used in aggregate by PhishER Plus.
KnowBe4’s Threat Research Lab is a dedicated team of researchers that collect, analyze, and validate identified email threats before adding entries to the Global Blocklist threat feed.
There is strength in numbers. Leverage the power of the KnowBe4 Threat Research Lab and KnowBe4’s end user network around the world to help protect against new and evolving phishing and social engineering attacks with PhishER Plus. PhishER Plus integrates AI-validated human intelligence crowdsourced from among the best trained and most technically diverse user bases on the planet, KnowBe4’s own customers representing more than 65,000 organizations and over 55 million total users. It’s simple. Together we are stronger.