Remember the game show Who Wants to Be a Millionaire? When a question was posed to a contestant that they were unsure about, one of their options was to phone a friend. The idea was that two heads are better than one, and studies have shown that the reasoning of a group is often superior to the rationale of any one member of that group (it’s also why a trial by jury is generally preferred to a bench trial, in which there is only one finder of fact). The concept, known as crowd wisdom, also applies when trying to prevent phishing attacks.
How Crowd Wisdom Helps With Phishing Scams
We’d like to believe that employees have wisened up to phishing scam tactics over the years, and many of them have. The problem is that phishers have evolved as well, becoming more sophisticated than ever before. Today, phishing scams have been known to turn even the savviest internet user into a victim. In fact, studies show that 97% of people cannot identify a phishing scam.
That’s where crowd wisdom comes in. Phishers probably have a good chance of duping individuals who may not know how to detect phishing on a one-on-one basis. But if you have a group analyze a suspicious email, at least a few are bound to recognize it as a phishing scam. By activating the wisdom of the crowd, the phish can be identified and eliminated.
How Crowd Wisdom Helps Prevent Phishing Attacks
If you’re a member of a social site such as Linkedin or Facebook, you know that social circles often intersect; we’ve all had those “it’s a small world” moments when we discover that a co-worker knows one of our old high school friends.
That’s why, when you get a connection or friend request from someone you don’t know, the site will inform you if you share a common contact. This helps validate the request, and allows you to grow your personal and professional network without worry. This is very similar to how phishing prevention software such as Clearedin works.
With Clearedin, when a new, suspicious email enters a user’s inbox, it is marked as a potential phishing scam and locked, meaning links and attachments cannot be opened and it cannot be forwarded until it is marked as safe. When users open the email, they are notified as to why the email may be phish, and whether or not other individuals received the same email and what action they took.
For example, let’s say the same email went to five employees in the same organization. The user can see whether their colleagues marked it as phish, and respond similarly. If, on the other hand, the others marked the email as safe (for example, one of them recently began working with a new vendor and knows the email is legitimate), the user can mark it as safe as well, and then proceed to respond to it and open links and attachments with newfound confidence. It’s all about applying the crowd wisdom concept to email.
How Crowd Wisdom Builds a Trust Graph
Crowd wisdom does more than just help individual employees. Over time, it also builds a trust graph, a digital map of the relationship patterns and interactions of an organization. Because phishing goes beyond just email, it also analyzes interactions on communication channels such as Slack.
Using artificial intelligence (AI), the software learns which email addresses can be trusted and which are suspicious. When an employee marks an email as safe or as phish, the AI also updates the trust graph accordingly.
This helps on the administrator side as well. Admins using Clearedin have a comprehensive dashboard that allows them to view trusted domains, contacts, and emails. They can also dive into the details of the trust graph to see exactly how people are interacting across email and communication channels. Best of all, when a phishing scam has been identified through crowd wisdom, they can clear it out of everyone’s inbox company-wide with just the click of a button.
Clearedin Phishing Prevention Software
Crowd wisdom is just one of many ways Clearedin helps to prevent phishing attacks; it should by no means be an organization’s sole phishing prevention technique. Aside from crowd wisdom, Clearedin software also analyzes the meta data, links, and attachments of all incoming and outgoing emails and communications on its own to protect employees and the organization as a whole. Want to learn more about Clearedin to prevent phishing attacks? Phone a friend and call us today for your free demo!
Protect Your Organization From BEC Phishing Attacks
Download our guide to learn everything you need to know about BEC attacks.