Over time, cyber criminals have had to get more creative with their tactics. Cyber attacks have evolved from spam and malware to phishing, and now spear phishing, defined as, “fraudulently sending emails from a known or trusted sender to induce targeted individuals to reveal confidential information.” By now, most hackers have learned how to bypass traditional security gateways to gain valuable information or monetary compensation. Spear phishing attacks are often difficult to recognize by individuals until it is too late. However, with the help of artificial intelligence and a security awareness training program, MSPs can significantly strengthen their customers’ defenses.
One particularly dangerous threat is business email compromise (BEC), when an attacker obtains access to a business email account and imitates the owner’s identity, in order to defraud the company. While this type of attack only makes up about 7 percent of all spear phishing attacks, they have been reported to cause the most monetary damage. According to the FBI, business email compromise has caused more than $26 billion in losses over the last four years. Barracuda recently published a report that dives into various spear phishing attacks which utilize a variety of different tactics. In the report you will learn some best practices to help you mitigate them. Below are some of the key takeaways from my review of the report.
Combating business email compromise
Business email compromise attacks have direct and serious impacts on companies of all sizes. They can result in interruptions of business, data loss, monetary loss, and brand damage. In order to better protect your SMB customers from these risks, here are a few best practices to put into place:
Implement solutions that leverage artificial intelligence and machine learning. Business email compromise and social engineering are difficult attacks for traditional email gateways and filtering technology to detect. However, with some AI-based solutions, these attacks can be easily flagged. For example, Barracuda’s Sentinel recognizes internal patterns like who interacts with who, when they typically communicate, and even how individuals usually sign their emails. By collecting this information on a granular, per user level, the solution can detect anomalies and identify attacks that might otherwise go undetected. This increased visibility into internal communications can help you detect and prevent attacks.
Train employees how to recognize a business email compromise attack. Your customers’ employees are the ones being targeted. Protect your customers’ business by educating them. Most business email compromise attacks do not contain a URL or an attachment. Hackers instead, will make a specific request based on the research they have done, often impersonating an already compromised account. An example of a BEC attack could be when an employee in the finance department receives an email from the “CEO” asking to perform a wire transfer of funds to an external bank account. Users should be aware of this and to pay attention to unusual requests. By implementing a strong security awareness program, these attacks will be identified faster, and hackers will leave empty handed.
Be ready to respond fast. Once an attack is launched, the race begins. The longer an attacker spends inside the organization, the more damage they can do. If you have adequate training in place, employees will be better equipped to identify threats as they come about, but no training program provides a 100 percent guarantee that something can’t go wrong. However, including details on how to appropriately report attacks is crucial. Another thing you can do to protect customers, is deploying an automated incident response solution that identifies the scope of attacks and quickly removes malicious messages from inboxes before any damage is done. For example, with Barracuda Forensics and Incident Response, businesses can use automation to quickly stop the impact of email delivered attacks – from every inbox – within minutes.
While business email compromise makes up only a small portion of spear phishing attacks, it is important to learn how to combat these attacks so you can help your customers prevent huge monetary losses. To learn more about how to mitigate these attacks, read our latest volume of our spear-phishing report where we analyzed more than 1.5 million spear-phishing emails to draw actionable insights to benefit your business today.
Photo: Chinnapong / Shutterstock.