ZeroFox and Google Cloud Team Up to Stop Phishing in its Tracks

ZeroFox and Google Cloud Team Up to Stop Phishing in its Tracks
4 minute read

Read this blog post to learn about how ZeroFox’s new partnership with Google Web Risk helps to quickly disrupt phishing attacks and scales protection across more than five billion devices worldwide.

Phishing is one of the most prevalent cybercrimes on the internet today with an estimated 3.4 billion spam emails sent daily from malicious domains. Advances like anti-phishing software help, but as we push further into a world of global connectivity, the challenge is becoming more ubiquitous. According to the most recent FBI Internet Crime Complaint Center (IC3) report, phishing attacks (and by extension vishing, smishing, and pharming) overwhelmingly led their list of reported crime types with a whopping 323,972 victims targeted and over $44M estimated losses in the US alone. APWG also reported that in 2022, they saw a 75% increase in unique phishing websites detected over the prior year. Needless to say, threat actors are becoming increasingly emboldened in their efforts to deceive and defraud digital brands, businesses, and customers. 

Google Web Risk and the ZeroFox Global Disruption Network

Takedowns (ie. the removal of malicious or violating content) processed and executed directly with the phishing domain’s host provider or registrar remain one of the most effective responses to combating phishing and other domain-based attacks. However, relying exclusively on takedowns to remediate domain threats simply isn’t enough to take on modern adversaries who have the infrastructure to scale attacks and outpace defensive security mechanisms. ZeroFox is known in the cybersecurity industry for best-in-class solution for takedown services, however, we also recognize that a truly effective remediation strategy must do more to combat phishing and malicious sites. This is why we have invested so much in helping organizations fight back with total adversary disruption solutions.

In 2022, we announced the launch of our Global Disruption Network (GDN) which enabled us to work directly with partners and customers to automate the process of reporting threat indicators to participating hosts, registrars, service providers, and web security outfits to quickly block access to malicious sites and content and disrupt attack campaigns. In our mission to make the digital world a safer place, we are thrilled to now be partnering with Google Cloud’s Web Risk service as part of the GDN; expanding protection coverage across five billion devices globally from phishing and malicious websites.

What is Google Web Risk?

Google Web Risk is a Google Cloud web security service that enables enterprise applications (such as the ZeroFox Platform) to integrate via API and check URLs against Google's constantly updated lists of unsafe web resources. Sites deemed “unsafe” consist primarily of phishing domains (i.e., deceptive sites that aim to harvest victims’ account credentials and personally identifiable information – PII) and sites that host malware or unwanted software. 

Once the service confirms a domain meets the criteria of being categorized as unsafe, it quickly blocks direct user access to the website with a warning message of the risk it presents. Google Web Risk uses an underlying repository that is constantly updated by scanning billions of URLs daily and shares the same technology and capabilities as Google Safe Browsing. Today, Google Web Risk protects billions of internet connected browsers (not just Chrome) and devices (not just Android) at a volume and scale unmatched across the web.

How Does ZeroFox Work with Google Web Risk?

ZeroFox is the first enterprise partner to use the Google Cloud Web Risk Submission API, pairing Google Web Risk’s protection of 5 billion devices with ZeroFox’s decade-plus expertise in malicious domain takedowns. By leveraging our platform’s rapid detection of domain threats and patented model for the distribution of threat indicators for disruption, it will automatically share phishing and malicious URLs detected by our platform and rapidly block user access to them. Simply put: ZeroFox provides Google Cloud with malicious sites that users shouldn’t access. With this unique partnership, we’re geared to provide more value to our customers, disrupt more threats, and provide a wider scale of protection coverage against phishing and fraud than ever before.

Want to Learn More About ZeroFox and Google Web Risk?

Read the press release announcing the partnership with Google Web Risk here and read more about ZeroFox’s Global Disruption Network.

See ZeroFox in action