Proofpoint closes acquisition of Tessian.

Request a demo
Request a demo
Request a demo
Request a demo
Request a demo

What’s new — QR Code Phishing Detection, Optical Character Recognition, and Faster Search

Meghan Brisson • Wednesday, November 1st 2023
What’s new — QR Code Phishing Detection, Optical Character Recognition, and Faster Search

Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises.

Check out the latest product updates from Tessian: 

QR code phishing protection

Announced in early October, Tessian has responded rapidly to the emergent threat of QR code phishing. Having seen increased attacks and reported inquiries from our customers, our engineers quickly responded. To recap our blog, QR code phishing attacks encode a malicious url within the code itself. The recipient scans the QR code and unknowingly visits a malicious website intended to deliver malware of harvest credentials. We’ve seen a concerning uptick and bad actors are likely finding them effective while traditional email security providers have difficulty detecting them. 

While Tessian was already using behavioral analysis to detect QR codes from untrusted senders — flagging sender spoofing or lookalikes, our recent release leverages advanced scanning technologies and threat intelligence to block malicious QR codes within emails. By extracting the URls from QR codes for analysis, Tessian can proactively prevent these threats from reaching inboxes.

Optical Character Recognition

We are further improving threat detection capabilities for image based attacks like QR code phishing. Tessian now supports Optical Character Recognition or OCR detection to extract text from images and expose hidden malicious intent. For example, Tessian will identify text embedded in images like “your account has expired,” “scan the qr code,” or “review and sign this document.” This will trigger a security event and users will see either a defanged email (images removed) and warning banner or an admin quarantine notification depending on the settings. 

Faster Search

Last month, we announced the Lightning search (Beta), which took a common security analyst frustration – waiting for search results – out of the equation. And today we’re announcing generally available faster search. Legacy SEGs can take over 30 seconds to return results for a single email incident. Tessian searches millions of emails and returns results in less than 1 second. This speed empowers security teams with the fastest email incident response capabilities on the market, making their teams more efficient while reducing organizational risk. 

We’re excited to reduce time spent investigating emails further with support coming for searching the full bodies of emails (not just metadata), as well as a Lucene query syntax to speed up investigations. 

The impact of faster search is already being felt at customers like B. Riley Financial

“I used to use Global Relay to find my emails but now primarily use I&R to find the emails I need to look at… the new faster search is 10x better than the older search, that’s definitely much better than it was, I do use the ability to tag the email as malicious and rip it out of mailboxes quite a lot”
B. Riley Financial

HTML Previews 

We’re making the admin experience even easier with email screenshots within the Tessian portal. Now security admission can see exactly what their end-user is seeing when reviewing flagged threats — giving a better overall picture of the email (literally). This speeds up investigation time so admins don’t have to switch between portals to view flagged images.

Meghan Brisson