Social Media Company Reduces Phishing Risk from Targeted Attacks with DeleteMe

A household-name social media company partnered with DeleteMe to reduce its phishing risk and improve its cybersecurity posture.

For this social media platform, cybersecurity is critical for ensuring business continuity. However, despite steady investment in market-leading security solutions and talented personnel, as the organization grew, its security posture developed a critical human vulnerability. Within the company’s global workforce, increasingly targeted phishing attacks were allowing advanced threats to bypass security controls and enter their corporate network.

Although the company had introduced a phishing awareness training program, phishing attacks were still succeeding. Particularly for high-profile employees used to receiving hundreds of emails per day, it was becoming nearly impossible to spot fake emails. These emails appeared credible because they used personally identifiable information (PII), including their names and job titles.

Mitigating this rising security threat meant doing more than just relying on employee anti-phishing training. In addition, the social media company needed to identify the individuals most at risk from targeted phishing attacks and reduce how much of their PII was available to threat actors.

At the same time, because the high-profile employees most often targeted by spear-phishing attacks typically had incredibly busy jobs, whatever method the company chose to protect these individuals needed to work without placing any extra burden on the staff themselves.

The Solution

The company’s Chief Security Officer partnered with DeleteMe in order to take a triple-layered approach to reduce their phishing risk. Training employees on evolving phishing risks was the first step. Then, by proactively scouring the web for instances of employee PII, DeleteMe gave the company’s security team a better picture of how PII was creating phishing risk vectors within their organization. This meant security teams could identify key individuals whose information profiles and job titles put them most at risk from advanced phishing threats.

Results

Covered executives and employees quickly saw the results of having the DeleteMe Solution in place to find and remove their PII from online sources. For the social media company itself, the risk of a cybersecurity incident due to phishing was dramatically reduced. Since deploying DeleteMe, none of the company’s covered staff have fallen victim to a phishing email.