How Rubica blocks phishing attacks

How phishing-savvy are you? 300 billion emails are sent daily…and more than half are spam. With 100+ billion malware-containing emails sent today, we’re teaming up with you to keep phishing attacks from ruining your life.

A phishing history lesson

The oddly-named “phishing” attack is really just a trick to get a person to give away control of their device or their online accounts. Mobile banking and other apps get easier to use each year, but that means hackers have an increasingly easy time deceiving us into clicking malicious links in email, on websites, or in text messages.

The phishing attack itself is surprisingly old-fashioned. As a variant of the classic “big store” con, where a thief sets up a fake store that tricks customers, the first step is for an attacker to create a fake site that looks convincingly similar to a common service (such as a bank’s website). When a visitor arrives on the fake site not realizing they’re being duped, they may skip past verifying the bank’s web address and go straight to entering their password.

Phishing is a confidence game

The attack depends completely on drawing the user into a fake website. It’s supposed to look flawless. The mail or ad is cleverly designed to mimic a familiar website to tempt the viewer into the action of clicking. Some tactics tempt by promising lottery winnings or free vacations—others try to scare us with threats to family or reputation. Good online hygiene says to distrust any email unless you expected its arrival in your inbox, and assume any online ad space could be malware.

The phishing playbook

Most people get phished like this: the attacker selects people who respond to a fake advertisement delivered either to their email or in an ad space that could be sitting on any webpage. They click a link suspecting something is wrong at their bank, quickly try to login, see a progress bar, and then watch their funds get drained. Another person receives the same kind of mail but is told to immediately install software “to repair your PC.”

Rubica knows the tricks hackers use to make those mails and ads look realistic, so our app is able to distinguish from dat.con.

How the Rubica app protects you from phishing attacks


Step 1 – The Rubica app scans your internet traffic looking for threats as you use your device.

Step 2 – Rubica blocks known phishing links as you’re browsing, preventing you from selecting them in the first place.

Step 3 – The app sends a copy of suspicious files to our Security Operations Center (SOC) for analysis, teaching our team and tools to be even smarter at hunting malware.

Step 4 – You safely browse the internet.

Even if you do somehow arrive on a bad link: our experts can see the attack unfold, intercept the fraudulent site, block your access, and record the whole event for analysis. That bad link gets immediately blocked for all Rubica customers as well. After that period, our digital records self-destruct after 28 days using Department of Defense erasure standards.

The Rubica app was developed because traditional antivirus just can’t keep up with shape-shifting malware—and frequently won’t protect all of your devices. No other security product can give you all these layers of defense without getting in your way, leaking your personal information, or turning you into a product by selling the same data it claims to protect.

Without Rubica, cybercrime is just one click away.