KEEPNET LABS > Use Cases > Payment Swift Phishing Incident Responder

Payment Swift Phishing Incident Responder

Today, cyber attackers trick targeted users with sophisticated social engineering attacks that make most technological precautions inadequate. A spear-phishing email with a title like “Payment swift 034954053917” could not be detected by many email security components on the day it spread. New generation enterprise solutions like antivirus, firewall, sandbox and etc. could not detect this malware, which has left the email user at risk.


What’s left when all safety measures inadequate?

A “well-trained user” has a critical position as a last and effective defence wall when technological measures are inadequate. Today, no technology can think, perceive and comment as human intelligence can do. In situations where complex attacks initiated by social engineering tools have rendered technological measures ineffective, a well-trained user has the best shielding to detect and prevent these risks.

The spear-phishing email entitled “Payment swift 034954053917” passed through many new-generation technological measures and reached to the inbox of an employee in a company that is the pioneer of its industry. However, this employee was able to understand this email was problematical due to previous training and experiences that he had received from Keepnet Labs anti-phishing and cybersecurity awareness platform. Using the Phishing Incident Response module, the employee reported this suspicious content with a single click through suspicious activity reporting button and send it to the third-party analysis services. And these analysis services confirmed that the email was malicious.

Could this email have reached to the other users ?

Traditionally, to understand if this email has reached to any other user, specialists look for this in the event log of the email service or try to find formula if they are transferring real email service records to a log correlation solution (SIEM). In such a scenario, an effort of 1-2 hours and coordination of different teams is required, which may cause the attack to succeed!

With the Incident Investigation module, which can analyse suspicious activities at the inbox level, a search operation is performed under a minute. With the query on the Keepnet Labs Phishing Incident Investigation screen, it is possible to know whether active users have the email titled “Payment swift 034954053917” or there are emails send from “” in the last 30 days.



A technology that covers
all phases of email attacks

Keepnet Labs protects businesses throughout the life cycle of email-based attacks, using holistic products that cover people, process and technology to prevent breaches and data loss.

Increase awareness

Simulate phishing attacks and provide training to increase employee knowledge about email-based threats.

Employees participate

Enable your employees to report suspicious emails via the Phishing Reporter add-in.

Support Heroes

Our cyber superheroes are always there to keep you out of trouble.

Patent Pending Technologies

Keepnet’s unique technologies help you keep your organization secure.

Get Your Private Demo Session

Book a free 30-minute video call with our experts.

Use Cases

Keepnet Labs Advantages