As a modern technology provider for real estate investors, Kiavi (formerly known as LendingHome) is concerned about email vulnerability to phishing attacks. Email is a key resource for the company, which has helped real estate investors in 32 states unlock over $4.1 billion in value.
Kiavi turned to Cloudflare Area 1 Security to protect the integrity of its email, realizing how phishing attacks opened the door to business email compromise (BEC) and other fraud. BEC allows a criminal gang to pose as a company officer and swindle users into forwarding company funds or confidential data. “We can’t exaggerate the importance of keeping those clever ploys and phishing messages from landing in front of our staff,” said Donovan Bray, Director of DevOps and IT.
Kiavi knew that it was only a matter of time until the company became a target for spear-phishing emails. The company needed a robust, innovative solution to detect incoming attacks and neutralize the danger.
Kiavi started with using Google’s Gmail system alone, believing that Gmail’s spam filter and rules would catch phishing emails in addition to spam. But that was far from true. Even the best spam filter is not engineered to recognize highly targeted phishing emails. Unlike the avalanches of spam released 24/7, which can be flagged and filtered effectively, phishing campaigns are extremely sophisticated. They are purposely constructed to present a low volume attack profile that doesn’t appear on a spam filter’s “radar.” So hackers can actually steal right past spam defenses and arrive in employee inboxes with an apparently innocent request. The attackers often do their homework and appear to know the company well. This ability to masquerade as legitimate communication is one of the many reasons why phishing is responsible for many breaches.
In addition to BEC, phishing is the root cause for a spectrum of email attacks. Two notorious phishing attacks faced by other companies were the DocuSign malware and the “Google Docs” worm — which posed as email from a trusted contact and tricked users into yielding their permissions, while infecting their contacts too. Relying on a spam filter alone to find and stop phish is similar to leaving doors and windows unlocked when a burglar is in the neighborhood. In addition to the danger of phishing itself, Kiavi employees had to take the time to report potential phishing attempts to Information Security.
Kiavi reviewed a number of anti-phishing solutions before turning to Cloudflare Area 1. Of course, they had employee training to recognize phishing attacks, but they wanted to ensure they had the highest levels of protection. So they decided to augment their efforts with Area 1’s powerful preemptive capabilities, and keep phishing emails from arriving in employees’ inboxes. Although training can lower malicious intrusions, just one click on a phishing email can result in a catastrophe.
With Area 1, phishing attacks are comprehensively and preemptively stopped. The service acts upon live attacks, which are discovered globally using distributed sensors at specific attack relay points. Sophisticated analytics and innovative web crawling capabilities deliver advanced visibility into emerging and active phishing threats, so they can be proactively shut down before even reaching Kiavi’s perimeter.
The company also appreciates Area 1’s push notifications that warn of phish in real time, as well as the versatile dashboard. Kiavi wanted to keep users from being bombarded by suspicious emails and expending time and energy to evaluate messages that could be phishing. Yet, each one had to be checked, because phish are getting more and more professional.
“I’m happy to say that Cloudflare Area 1 exceeded all of our expectations,” Donovan says. “It took less than half an hour to get the service up and running.”
Results were assessed by how often a user reaches out with suspect email to be investigated. Kiavi now goes weeks without a single report — instead of multiple reports per day as in the past. It would have been impossible to reach someone at Google to report the problem—much less having a resolution immediately in place.
“Even though Google spam filtering does an okay job, we now see plenty of malicious emails caught by Cloudflare Area 1 after passing through Gmail’s filters,” Donovan says.
Phishing and spoofing are two areas where Kiavi’s sees a big improvement in Area 1’s service, versus Google spam filtering alone. Now, the company sends all malicious, suspicious, and spoof emails automatically to Google quarantine, saving substantial time.
Prior to Area 1, even with Google’s G Suite Spam and Phishing rules, far too many phishing attempts made it to user inboxes. Now, thanks to Area 1’s effectiveness, phishing concerns have eased dramatically. “We rolled it out with virtually no trouble, and it’s now stable and effective, requiring little to no attention,” Donovan notes.
“I’m happy to say that Cloudflare Area 1 exceeded all of our expectations. It took less than half an hour to get the service up and running.”
Director of DevOps and IT
“We now see plenty of malicious emails caught by Cloudflare Area 1 after passing through Gmail’s filters.”
Director of DevOps and IT