Editor’s question
JAMES FORBES-MAY, VP OF APAC FOR BARRACUDA NETWORKS

Cybercrime losses cost billions globally in 2019, with business email compromise (BEC) causing the most destruction, according to the FBI’s Internet Crime Complaint Center (IC3). The list of email-borne threats seems to grow every year, varying greatly in complexity, volume and the impact they have on businesses and their employees.
Defending against today’s sophisticated email threats is no easy feat as criminals continually bypass defences using backdoor techniques, including spoofing, social engineering and fraud, to penetrate networks and wreak havoc.

Some businesses invest heavily in security architecture, while others aren’t able to. The one common denominator is what has long been regarded as the organisation’s weakest link: its employees.
All organisations need to ask the question: do users know how to distinguish between a legitimate email and an email threat?

Increasingly complex attacks

Understanding the nature and characteristics of attacks will help you build the best protection for your business, data and people. There are three email threats that users find most difficult to detect.

1. BEC
A cybercriminal gains access to a business email account and impersonates the owner’s identity to obtain something of value – usually money, login credentials or other sensitive data. Typically, emails look like they come from the owner. Often, victims don’t know the legitimate email addresses of co-workers or managers, so if the name looks correct, they don’t question it.

According to Barracuda, 85% of BEC attacks are urgent requests designed to get a fast response, with one in 10 successfully tricking users into clicking. That number triples for emails that impersonate someone from HR or IT.
2. Conversation hijacking

Attacks happen after a cybercriminal has already gained access to an internal account. They insert themselves into a legitimate conversation thread by spinning up a lookalike domain and effectively remove the compromised party. This isolates the email thread to just the hacker and their victim. Sometimes the only clue will be a very subtle difference in the email address or domain of the compromised party.
3. Brand impersonation

There are two types of brand impersonation. Service impersonation is when a hacker impersonates a commonly used application to coax users into re-entering login credentials or other personal information. Brand hijacking is when a hacker uses a spoofed domain to impersonate a reputable company.

Users have become accustomed to receiving legitimate emails from applications prompting them to re-enter credentials, reset passwords, or agree to new service terms. Most don’t think twice before clicking links that ultimately send them to phishing sites.
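Both conversation hijacking (a lookalike domain slipped into a live thread) and brand hijacking (a spoofed domain standing in for a reputable company) leave the same faint trace: a sender domain that is almost, but not quite, one the recipient trusts. The following check, an added example that is not from the article or from Barracuda, folds common confusable characters and flags domains within one edit of a trusted domain or embedding its brand label. The trusted-domain list and the From: headers are constructed for illustration.

```python
"""Flag look-alike sender domains in From: headers (added example, not from the article)."""
import unicodedata
from email.utils import parseaddr

# Constructed for this example: the organisation's own domain plus a regular
# correspondent. In practice this comes from the mail system or address book.
TRUSTED_DOMAINS = {"example.com", "partner-corp.com"}

# Digit-for-letter substitutions often used to mimic a real domain name.
_DIGITS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def normalise(domain: str) -> str:
    """Fold confusable characters into one ASCII form so look-alikes compare equal."""
    folded = unicodedata.normalize("NFKD", domain.lower())
    ascii_only = folded.encode("ascii", "ignore").decode()  # drops e.g. Cyrillic letters
    return ascii_only.replace("rn", "m").replace("vv", "w").translate(_DIGITS)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header: str, trusted=TRUSTED_DOMAINS):
    """Return (verdict, trusted_domain); verdict is 'trusted', 'lookalike' or 'unknown'."""
    _, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[1].lower() if "@" in addr else ""
    if domain in trusted:
        return "trusted", domain
    norm = normalise(domain)
    for t in sorted(trusted):
        t_norm = normalise(t)
        brand = t_norm.split(".")[0]  # registrable label, e.g. "example"
        # One edit away (examp1e.com, example.co) or brand embedded (example-secure.com)
        if edit_distance(norm, t_norm) <= 1 or brand in norm.split(".")[0]:
            return "lookalike", t
    return "unknown", None


if __name__ == "__main__":
    for hdr in ["Alice <alice@example.com>", "Alice <alice@examp1e.com>",
                "Finance <billing@example-secure.com>", "Bob <bob@unrelated.org>"]:
        print(f"{hdr!r:45} -> {classify_sender(hdr)}")
```

A 'lookalike' verdict is a triage signal for the user or the SOC to compare the address against the known correspondent, not a proof of compromise on its own.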
Protect against evolving threats

Attacks have evolved to bypass traditional defences and require organisations to set up protection, not only at the gateway, but also beyond it. Every business needs to deploy the right combination of technology and people to have effective email protection.

While comprehensive email gateway defences provide a solid foundation, using a multilayered protection strategy radically reduces susceptibility to email attacks and helps better defend your business, data and people.

The best defence against email threats is to make users aware of the threats and techniques used by cybercriminals. With continuous simulation and security awareness training, employees can recognise and report malicious content, transforming them into an important layer of defence.
30 Issue 29 | www.intelligentciso.com