Tackling Spear Phishing when the Stakes are High

  • 11 June 2019

Polarcus is the world leader in offshore geophysical services. Its fleet of green, hightech vessels conduct explorations from pole to pole, producing seismic survey data for global clients. Headquartered in Dubai, the company is listed on the Oslo stock exchange.

Polarcus is protecting 350 employees with Tessian Defender. 

“Our security stack was doing a pretty good job, but it wasn’t protecting individuals from spear phishing attacks. We knew very quickly that Tessian would fill a vitally important gap in our security toolkit.”
Erik Ruis Head of IT

The spear phishing paradox

Spear phishing is a relatively new and very different kind of security threat. For decades, spam and bulk phishing attacks have relied on unsophisticated mass messaging, effectively hoping that one or two people out of thousands don’t pay attention and make elementary mistakes.

Spear phishing, by contrast, is far more malicious. Inbound emails targeting specific people, using social pressures to imply urgency, are a much more challenging threat for legacy security products.

Erik Ruis joined Polarcus as Head of IT in early 2019. At that point the company was working out how to address sophisticated threats that could bypass its existing security infrastructure. He comments, “Threats like data theft and systems takeover can start from a single spear phishing email. Making things more complicated, companies in our sector have become targets for attackers seeking financial gain or trying to make an environmental or political statement.”

This set of circumstances led Polarcus to Tessian.

“The product is unique in the market. I quickly realized that Tessian could help us give our employees a better understanding of advanced security threats in real time.”
Erik Ruis Head of IT

Helping users make better judgments

Spear phishing techniques like domain impersonation (when an attacker changes, for example, ‘tessian.com’ to ‘tesssian.co’ in order to trick a user into thinking an email is coming from a colleague) pose enormous risks to organizations. To effectively combat these threats, busy email users needed to understand in real time why an email might be suspicious. Defender, Tessian’s product built to combat spear phishing threats, was the natural solution.

In Erik’s experience, “When you show someone a phishing email and tell them it’s an impersonation, they are still sometimes unable to understand why it’s fake.”

This underscored the benefits of a product that leverages machine learning to automatically provide contextualised warning messages to users, a fundamental part of the Tessian offering.

Now, Erik says, “we don’t get many alerts from Tessian, but when they happen people definitely notice them and benefit from them.”

“We see Tessian sitting alongside our existing security products, acting almost as an insurance policy: set up to catch the small proportion of sophisticated attacks that other products miss.”
Erik Ruis Head of IT

What the future holds

As Polarcus continues to innovate, Erik will keep looking for intelligent products that can tackle issues to do with human behavior on email, such as data exfiltration. The key will be identifying solutions that focus on “patterns of behavior, rather than rules.”

In the meantime, attackers trying to circumvent legacy rule-based systems means that for Erik, “as perpetrators become more creative and more sophisticated over time, I expect Tessian’s products to keep adding even more value.”

Learn more about how Tessian prevents human error on email

Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.