Common Threats

Learn how Strongarm protects against all types of online attacks.

Happy Clickers

What it Is: Employees don’t always have proper training on IT security issues, so they may be prone to click on phishing emails, malicious links, or other types of social engineer, leading to security issues for the whole organization. Even with plenty of user education, some people just love to click! Happy clickers are a fact of life for many businesses and are by far your greatest risk.

How We Protect: Strongarm acts as an extra layer of protection for those clickers in your organization. If a user clicks on a bad link, Strongarm will prevent the machine from communicating with the attacker and gives you the opportunity to give your user a dose of phishing education from right inside Strongarm. Happy clickers can also be encouraged to forward emails to Strongarm using our Suspicious service, which will review and verify whether the email is safe. If it’s a phish, we will automatically blackhole any domains in the e-mail so that if anyone else in your organization clicks on the phish, they will be protected.


What it Is: Ransomware is a type of malware that is able to hold digital files hostage until a sum of money is paid by the business to unlock them. It is often spread via phishing emails and has become a very popular attack in the last few years, especially against small businesses.

How We Protect: With Strongarm, businesses can prevent ransomware from freezing their files by tracking and intercepting communication with malicious infrastructure on the web. When users click on a phish, Strongarm gets in the middle and gives them an instant dose of user education. Strongarm also stops ransomware from phoning home to download the ransomware itself and its encryption keys, providing another opportunity to keep devices safe from attack.


What it Is: Targeted phishing attacks often go after key employees with access to the CEO or sensitive information and can lead to major fallout, such as information loss and legal troubles. Because they are more targeted, they often have lower success rates, but the consequences can be dire.

How We Protect: After a user has clicked a phishing link, Strongarm steps in and prevents the user’s machine from actually connecting with the malicious site. Strongarm keeps password credentials safe, and stops the user from disclosing company secrets or PII to the attacker. As a bonus, we help re-enforce phishing education. Your users can also forward potential phishing emails to Strongarm using our Suspicious service, which will review and verify whether the email is safe. They will get a custom message back from our analysis team regarding whether they were a target and what the attacker was likely going after.

Exploit Kits

What it Is: Exploit kits are automated malware injection programs that search for known vulnerabilities and take advantage of them to spread malware. They’re the most common way you will encounter zero-day exploits in your browser. One of the sneakiest things about exploit kits is that they often don’t even require a single click to spread. That’s why they’re often called a “clickless threat.”

How We Protect: To protect against automated and clickless threats like these, Strongarm stops traffic on your network to hacked websites that are loaded with exploit kits. Neither antivirus nor firewalls can protect you against exploit kits, but Strongarm keeps you safe. Perhaps best of all, Strongarm protects even before patches are available.


What it Is: Malvertising is when criminals purchase web advertisements and then stuff malicious code into them (often exploit kits.) With most malware, someone on your network has to click on a “bad link” for anything to happen. With malvertising, users don’t need to click anything at all. The attack can start as soon as an affected web page is loaded.

How We Protect: Strongarm, uses DNS blackholing technology coupled with comprehensive threat intelligence to prevent these ads from ever appearing in your browser, which means they can’t load and can’t infect your machines. This foils attacks without impacting end users at all. Since your user didn’t do anything wrong (the website was hacked not your user,) our analysis team will triage the alert and let you know there’s nothing to worry about on your end.

Zero-Day Attacks

What it Is: Zero-day attacks target newly discovered vulnerabilities. By definition, they are undisclosed exploits. There is no amount of patching you can do to protect yourself.

How We Protect: Zero day attacks go after new vulnerabilities, but they still use the same type of attack infrastructure. Phishing sites, malware distribution and C2 - all of this remains the same. Strongarm can catch them using its threat intelligence, which are curated and updated daily—even hourly—to stay on top of the latest threats.

Crypto-currency Mining

What it Is: “Miners” are IT savvy individuals who run code on their computers to mine computing resources to create Bitcoin and then trade those resources for actual money. Mining requires a lot of computing power, so there has been a rise in unsanctioned Bitcoin and other crypto-currency mining. Miners, or in this case attackers, hijack your web browser and use it to make new currency and line their pockets with Bitcoin. Essentially they use up all of your computing power and your memory, slowing down your computing capabilities for their personal gain.

How We Protect: Strongarm’s content filtering capability includes a “Resource Abuse” feature. The feature blocks everything from Coinhive (a popular mining tool) to Edgemesh (a new Peer-to-Peer CDN) using our DNS-based filtering. It only takes one click to block the whole category along with any other malware, ransomware, malvertising, and more, all without an appliance at every one of your sites.

How Strongarm Thwarts Attackers

How many of these threats does your current security program handle?

Learn More

about why firewalls and antivirus are not enough.