The Power of AI to Defeat Phishing

An average of 126,000 domain names are registered every single day¹. Some of these can be registered for less than $1 USD and used to launch any number of phishing campaigns on unsuspecting users. An attacker can quickly copy over legitimate logos, diagrams, and graphics from trusted companies and easily create fake forms to capture user passwords and sensitive data. By the time someone spots and reports the abuse, the attacks have long since vanished.

This creates a problem for companies that rely on human-generated blocklists. The lag-time associated with human reporting means they will never be able to respond quickly enough to this type of attack. Whether the list is crowd-sourced or managed by a professional security company, it shares the same fatal flaw, phishing sites won’t be blocked until they are reported and added to a list. Are there any better alternatives?

The past five years have seen a dramatic increase in the use of Artificial Intelligence. Most people may not realize that AI already empowers their questions to Siri, the spam-blocker for their email account, their Facebook newsfeed, and their conversations with technical support. Behind the scenes, AI is churning through the 2.5 quintillion bytes of data that is generated each day and turning it into useful information².

This is also a game changer for internet security. AI can crawl through web domains and make instantaneous and highly accurate categorizations of content, in a manner that is orders of magnitude faster and with more depth than a human being. When it comes to combating phishing, AI is able to meet the challenge by scanning sites in real-time and determining if they belong to trusted entities or not. One of the way to do this is through image recognition. AI compares copied or slightly-altered images on a website, to that of trusted entities and can spot even minute differences. It can also compare this with many other data points (website copy, DNS records, etc) to assess and score a newly seen or newly registered domain. This opens the possibility to shift the security timeline from reactive to proactive — intercepting an attack that has not yet been launched.

DNSFilter uses our AI engine to scan newly registered domains for phishing threats and to categorize the content of sites into their appropriate categories. If a website has never been viewed by our customers, our engine can scan it in real-time and block/allow access based on this categorization, all within 60 seconds. We believe AI is the future of internet security, and the way to shift security from being reactive, to proactive.

[1]: Whoisds (September 17, 2018). Newly Registered Domains https://whoisds.com/newly-registered-domains

[2]: Forbes. How much data do we create every day? https://www.forbes.com/sites/bernardmarr/2018/05/21/how-much-data-do-we-create-every-day-the-mind-blowing-stats-everyone-should-read

Search
  • There are no suggestions because the search field is empty.
Latest posts
What is Secure Web Gateway: What It Does, Benefits, and More What is Secure Web Gateway: What It Does, Benefits, and More

In today's world of ever-increasing cyber threats, organizations need strong defenses to protect their networks and data and in this complex digital ecosystem, we need more than just one line of defense.

Revving Up the Fun: DNSFilter's IndyCar Experience Recap — St. Pete Edition Revving Up the Fun: DNSFilter's IndyCar Experience Recap — St. Pete Edition

What a weekend at the track! DNSFilter was thrilled to host 10 guests alongside Pax8 this weekend for an unforgettable IndyCar experience in sunny St. Petersburg. Those who joined us came from Thrive, MVP Network Consulting LLC, Myrtle Beach Academy of Aviation, Entech, NetGain Technologies,Warren Averett Technology Group, LLC, and ECMSI—we were lucky to be in such great company for our very first race of the season.

Man-in-the-Middle Attacks: What Are They? Man-in-the-Middle Attacks: What Are They?

A man-in-the-middle (MITM) attack is a form of cyber threat where a bad actor inserts themselves into a conversation between two parties, intercepts traffic, and gains access to information that the two parties were trying to send to each other. It allows attackers to eavesdrop, collect data, and even alter communications between victims. Understanding the mechanics, implications, and defense mechanisms against MITM attacks is essential for prote...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.