JAMES FORBES-MAY,
VP OF APAC FOR
BARRACUDA NETWORKS
EDITOR’S QUESTION
Cybercrime losses cost $3.5 billion globally in 2019, with business email compromise (BEC) causing the most destruction, according to the FBI’s Internet Crime Complaint Center (IC3). The list of email-borne threats seems to grow every year, varying greatly in complexity, volume and the impact they have on businesses and their employees.
Defending against today’s sophisticated email threats is no easy feat, as criminals continually bypass defenses using backdoor techniques, including spoofing, social engineering and fraud, to penetrate networks and wreak havoc.
Some businesses invest heavily in security architecture, while others aren’t able to. The one common denominator is what has long been regarded as the organization’s weakest link: its employees.
All organizations need to ask the question: Do users know how to distinguish between a legitimate email and an email threat?
Increasingly complex attacks
Understanding the nature and characteristics of attacks will help you build the best protection for your business, data and people. There are three email threats that users find most difficult to detect.
1. BEC: A cybercriminal gains access to a business email account and impersonates the owner’s identity to obtain something of value – usually money, login credentials or other sensitive data. Typically, emails look like they come from the owner. Often, victims don’t know the legitimate email addresses of co-workers or managers, so if the name looks correct, they don’t question it.
According to Barracuda, 85% of BEC attacks are urgent requests designed to get a fast response, with one in 10 successfully tricking users into clicking. That number triples for emails that impersonate someone from HR or IT.
2. Conversation hijacking: Attacks happen after a cybercriminal has already gained access to an internal account. They insert themselves into a legitimate conversation thread by spinning up a lookalike domain and effectively remove the compromised party. This isolates the email thread to just the hacker and their victim. Sometimes the only clue will be a very subtle difference in the email address or domain of the compromised party.
3. Brand impersonation: There are two types of brand impersonation. Service impersonation is when a hacker impersonates a commonly used application to coax users into re-entering login credentials or other personal information. Brand hijacking is when a hacker uses a spoofed domain to impersonate a reputable company.
Users have become accustomed to receiving legitimate emails from applications prompting them to re-enter credentials, reset passwords, or agree to new service terms. Most don’t think twice before clicking links that ultimately send them to phishing sites.
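The three threats above share two detectable traits: a display name that matches a known colleague while the address behind it does not (BEC), and a sender domain that is a near-copy of a trusted one (conversation hijacking and brand hijacking). The following Python check, added here as an illustration and not code from Barracuda or the article, screens From: headers for both traits. The trusted domain, the staff directory, the confusable-character table and the sample headers are all constructed for the example.

```python
"""Screen email From: headers for display-name spoofing and lookalike domains.

Added example (not from the article). All domains, names and sample headers
below are constructed; replace TRUSTED_DOMAINS and KNOWN_STAFF with your own.
"""
from email.utils import parseaddr

# Constructed: the organisation's own mail domain(s).
TRUSTED_DOMAINS = {"example-corp.com"}

# Constructed: display name -> the address that person really sends from.
KNOWN_STAFF = {
    "alice smith": "alice@example-corp.com",
    "dana lee (it helpdesk)": "helpdesk@example-corp.com",
}

# Character sequences commonly swapped to build lookalike domains.
# Mapping is applied to BOTH sides before comparison, so it only has to be
# consistent, not exhaustive.
CONFUSABLES = {"0": "o", "1": "l", "rn": "m", "vv": "w", "cl": "d", "3": "e", "5": "s"}


def normalize(domain):
    """Lower-case a domain and collapse confusable sequences."""
    d = domain.lower().strip().rstrip(".")
    for bad, good in CONFUSABLES.items():
        d = d.replace(bad, good)
    return d


def edit_distance(a, b):
    """Levenshtein distance; a distance of 1 catches a dropped hyphen or letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def analyze_sender(from_header):
    """Return (verdict, findings) for one From: header value.

    verdict is 'trusted', 'external', 'suspicious' or 'malformed';
    findings lists the reasons a header was judged suspicious.
    """
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("malformed", ["no address in From header"])
    addr = addr.lower()
    domain = addr.rsplit("@", 1)[1]
    findings = []

    # BEC trait: a familiar name in front of an address that is not theirs.
    expected = KNOWN_STAFF.get(display.strip().lower())
    if expected and expected != addr:
        findings.append(f"display-name spoof: '{display}' expected {expected}, got {addr}")

    if domain in TRUSTED_DOMAINS:
        return ("suspicious" if findings else "trusted", findings)

    # Lookalike traits: confusable swap, single-edit variant, or the brand
    # label buried inside an unrelated registered domain.
    for trusted in TRUSTED_DOMAINS:
        label = trusted.split(".")[0]
        if normalize(domain) == normalize(trusted):
            findings.append(f"lookalike: {domain} maps to {trusted} after confusable substitution")
        elif edit_distance(domain, trusted) <= 1:
            findings.append(f"lookalike: {domain} is within one edit of {trusted}")
        elif label in domain:
            findings.append(f"brand embed: {domain} contains trusted label '{label}'")

    return ("suspicious" if findings else "external", findings)


# Constructed sample headers covering each case.
SAMPLE_HEADERS = [
    "Alice Smith <alice@example-corp.com>",        # genuine
    "Alice Smith <alice@examp1e-corp.com>",        # BEC via lookalike (1 for l)
    "<noreply@exarnple-corp.com>",                 # rn for m
    "Finance <ap@example-corp.co>",                # dropped letter
    "IT Helpdesk <it@example-corp-login.net>",     # brand label in other domain
    "Bob Jones <bob@partner.org>",                 # ordinary external sender
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        verdict, findings = analyze_sender(header)
        print(f"{verdict:10} {header}")
        for reason in findings:
            print(f"           - {reason}")
```

The check is deliberately conservative: it only compares against domains you list, so it produces no noise for ordinary external mail, and the confusable table is applied to both sides so a legitimate domain that happens to contain "rn" or "cl" is not mis-scored. It is a triage aid for a mail gateway or a SOC script, not a replacement for DMARC/SPF/DKIM enforcement, which should sit underneath it.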
Protect against evolving threats
Attacks have evolved to bypass traditional defenses and require organizations to set up protection, not only at the gateway, but also beyond it. Every business needs to deploy the right combination of technology and people to have effective email protection.
While comprehensive email gateway defenses provide a solid foundation, using a multilayered protection strategy radically reduces susceptibility to email attacks and helps better defend your business, data and people.
The best defense against email threats is to make users aware of the threats and techniques used by cybercriminals. With continuous simulation and security awareness training, employees can recognize and report malicious content, transforming them into an important layer of defense.
www.intelligentcio.com
INTELLIGENTCIO
35