Skip to main content

Social Engineering Attacks

Information about how Ark Light provides security against Social Engineering threats.

Damon Jackman avatar
Written by Damon Jackman
Updated over 4 years ago

Social Engineering attacks aim to get people to reveal financial information, login credentials, or other sensitive data that can then be used or sold by the attacker. They often exploit positive character traits such as trust and the desire to help others, which only adds to impact that an attack has on the victim. Often social engineering attacks are well crafted and targeted, for example by referring to specific employees, which allows them to get through traditional cyber security tools. Ark Light technology is designed specifically to identify and remove Social Engineering attacks.

Spear Phishing

Spear Phishing is a type of Social Engineering attack which uses email to acquire sensitive information. The attacker takes steps to appear as if their email is coming from a trusted source, such as a vendor to the target company, and sends a message to one or more specific individuals. The information sought by the attacker varies, but common Spear Phishing campaigns target:

  • Credit card or banking information.

  • Donations related to a recent well-publicized natural disaster.

  • User login credentials for a third party software application.

Sometimes the Spear Phishing email will be the first part of an attack that includes additional steps. For example, an email pretending to be from the target's bank will include a link to a log in page that resembles the bank's own but is in fact a page created and hosted by the attacker that will capture the victim's log in details.

Ark Light Protection

Ark Light offers comprehensive protection against Spear Phishing for customers using Google Workspace or Microsoft Office 365 as their email provider. All emails to the customer are monitored for known Spear Phishing threats through a set of rules that are continuously updated and improved to identify emerging threats.

When a threat is identified the following process is triggered:

  1. Delivery of the email is prevented and it is moved to a holding location so that the recipient cannot fall victim to the attack.

  2. The customer is sent a notification to review the email.

  3. Ark Light presents clear information about the email and what was detected, including allowing the user to review the message in a safe way.

  4. The user either:

    1. Confirms the threat and the email is deleted; or

    2. Marks the email as safe and it is delivered as intended.

This process prevents Spear Phishing attacks while allowing any message that was erroneously identified as a threat to be reviewed and delivered.

Did this answer your question?