Email Received - Suspect Everyone. No Exceptions

Use Case

A financial controller received an email from a supplier's system, which appeared to be a legitimate, long-standing supplier.

The email contained a PDF invoice, a standard attachment.

The controller (recipient) opened it. It appeared normal, opened as expected.

The Attack Scenario

Unbeknownst to them, the supplier's system had been breached, and this invoice PDF had been subtly altered with at least one of the many known PDF vulnerabilities that can be included inside legitimate PDF objects: ● Scripts ● Attachments ● Links ● Images ● External programs ● Flash ● Media clips.

In this use case, a Zero-Day Exploit was embedded deep within the file's structure. This seemingly innocuous PDF could be used in a kind of modern cyberattack, providing attackers with a backdoor into the financial network, potentially leading to widespread ransomware or data exfiltration days or weeks later.

How do conventional cyber defenses intervene?

Mostly, attacks such as this pass freely through the conventional cyber defenses: ● Firewalls ● Antivirus ● Antimalware ● Secure Email Gateways/Mail Relays ● Web proxies ● Secure browsers ● EDR/XDR ● WAF ● Sandboxes.

How does Yazam CDR technology intervene?

Before reaching the controller's inbox, Yazam Email CDR filter deconstructed and filtered those "invoice" PDF objects. The Yazam CDR Engine identified non-conforming, potentially malicious elements deeply embedded within the PDF structure, checked if they were malicious, and removed them completely if needed. Then it reconstructed a clean, functional invoice as a PDF file.

When using the Yazam CDR technology, the controller received the legitimate invoice and was informed about the sophisticated attack that was just neutralized.

Want To Really Secure Your Emails? Contact YazamTech Today