McAfee Advanced Threat Defense Lures then Catches Spear Phishing Malware

I meet with an impressive set of customers on a weekly basis, and I find those interactions educational but also exciting. They give me a better understanding of customers’ pain points and perspective, and help me set our team’s strategy. One area that continues to baffle me is the lack of awareness around the advancements in email security. I have found that, more often than not, customers view email security as a “commodity,” as they are thinking simply of spam protection. The reality is that the email challenge is no longer about spam, which is a relatively well-known science; it’s about spear phishing. Although spear phishing is not new, we’re finding that it has grown in sophistication and frequency during the last few years. Most attacks, especially those that are targeted at a specific organization, primarily enter through email. In fact, Network World recently reported that 95 percent of all attacks on enterprise networks are the result of successful spear phishing.

At McAfee, what we’re finding is that human beings are the missing security link when it comes to traditional email protection. You see, when a threat like phishing comes into the organization through email, it’s often so authentic-looking that it’s nearly impossible for the average employee to detect, that is, until it’s too late. My team recently designed and promoted a Phishing Quiz to raise awareness around the sophistication of these types of attacks and the dangers behind a naïve click. To evade detection, these messages use sophisticated social engineering and advanced malware to both be convincing and carry a payload undetectable by traditional solutions. I took the quiz and was fascinated by how authentic these phishing emails can look and how we can easily be ‘social engineered’ to click on a link that could have devastating potential.

While we work hard to help educate the public about online security and safety, we understand that even the most seasoned security experts cannot always identify fake emails.  That’s why we’ve invested in technology and development that can do that for our customers and our consumers.  McAfee recently unveiled its latest defense against advanced malware:  McAfee Advanced Threat Defense.  This solution is built on the exciting technology we gained from the acquisition of ValidEdge and combines sandboxing and in-depth static code analysis with the leading McAfee emulation engine, anti-virus technology, and global reputation feeds.  McAfee has created the market’s most advanced approach to stealthy malware detection that identifies sophisticated, hard-to-detect threats by running suspected malware in a “sandbox,” observing its behavior, analyzing the code and assessing the potential impact the malware may have on an endpoint and a network.

This Advanced Threat Defense technology, and our strategy to integrate it with our core security products, is the answer to protecting organizations from advanced malware, delivered through virtually any protocol.  Along with the integration into our IPS solution and our Web Gateway, we now have Advanced Threat Defense technology integrated with our Email Gateway, which protects our customers against threats like spear phishing.  To detect stealthy attacks, McAfee Email Gateway runs in-band threat detection, and sends over remaining suspicious files to Advanced Threat Defense for further analysis.

The bottom line: Messages that contain malware, like spear phishing, will no longer reach the end user because this tight integration allows Advanced Threat Defense to inform the email gateway of the threat. McAfee Email Gateway can then immediately block the message. This is a closed-loop approach to malware detection and response that eliminates the need for manual intervention. Unlike most standalone sandboxing technology, McAfee Advanced Threat Defense finds advanced malware and works with other McAfee solutions to freeze the threat and fix impacted systems. Find. Freeze. Fix. That’s innovation.

At McAfee, we are steadfast in our belief that a complete layered solution is critical to the foundation of an advanced malware detection infrastructure – with McAfee Email Gateway being just one piece of the ideal infrastructure to detect advanced malware. You can find out more about our other network security defenses on, and to help keep organizations educated and up-to-date on how our Email Gateway plus Advanced Threat Defense stops sophisticated malware in email, we’ve created resources that you can access here.
