Description:ESET Cloud Office Security overview diagram.
Seeing improvements in phishing attacks, in 2024, ESET boosted its cloud application protection with Anti-spoofing, a feature that identifies and prevents attackers from pretending to be trusted sources, and Homoglyph protection, which detects malicious email domains pretending to be legitimate through the substitution of letters with similar characters or letters from other alphabets.
Recently, ESET Cloud Office Security got two new features dealing with other types of obfuscation techniques in phishing emails:
Malicious QR code detection – This feature recognizes potential quishing attacks by identifying QR codes in emails, extracting embedded links, and scanning them using ESET anti-phishing, anti-malware, and anti-spam engines. This helps block malicious URLs before users can access them.
Malicious calendar invite protection – Scans calendar invites and related emails for spam, phishing links, malware, suspicious attachments, and embedded QR codes. If a threat is detected, both the email and the calendar event are automatically removed, preventing fake meeting requests from reaching users.
To reduce complexity, ESET Cloud Office Security can be integrated with Microsoft 365 or Google Workspace in just a few minutes, enabling immediate protection. The solution supports multi-tenant management for tens of thousands of users – new employees are automatically protected without manual onboarding. Suspicious emails can be quarantined, managed, and investigated easily through an intuitive dashboard.
Attackers perfect their tools, do the same
A single phishing email can cripple a business of any size, and with cybercriminals perfecting their tools and tactics, this threat is more serious than ever.
While businesses can’t stop attackers from using AI to gather intelligence and launch spearphishing campaigns, they can raise multiple layers of defense to detect and block phishing attempts. Awareness training remains important, but automated, AI-powered protection is essential to identify threats that human eyes simply cannot.
ESET Cloud Office Security provides robust protection against attack vectors originating from email and collaboration platforms, stopping phishing attacks before they do any harm.
Get ESET Cloud Office Security full 30-day free trial now!
Frequently asked questions:
What is phishing and why is it dangerous?
Phishing is a social engineering tactic that uses impersonation and urgent calls to action to trick users into revealing sensitive data or downloading malware.
How has phishing evolved over time?
Phishing used to rely on volume and obvious tricks like poor grammar or suspicious URLs. Today, attackers use AI to craft convincing messages quickly and at scale—IBM reports AI can reduce phishing email creation time from 16 hours to just 5 minutes.
How common are phishing attacks?
Phishing is likely the most common attack vector. ESET telemetry shows that 28.2% of all detected malware is delivered via phishing.
What obfuscation techniques do attackers use?
- Email Sender Spoofing: Fake “From” and “Reply-To” fields.
- Homoglyph Attacks: Using similar-looking characters (e.g., “℮s℮t.com” instead of “eset.com”).
- Typosquatting: Slight misspellings (e.g., “eseet.com”).
- Quishing: Malicious QR codes hiding URLs.
- Malicious Calendar Invites: Fake invites bypassing email filters and auto-adding to calendars.
How can businesses protect themselves?
Adopt a prevention-first approach involving minimizing the attack surface, reducing complexity, boosting cyber hygiene, and staying ahead of compliance.
How does ESET Cloud Office Security help?
ESET Cloud Office Security offers AI-powered protection for Microsoft 365 and Google Workspace, combining spam filtering, anti-malware, anti-phishing, and cloud sandboxing. ESET is continuously updating cloud applications protection to spot even the most sophisticated phishing.