1. IT-Security >
  2. Cyber Security Nachrichten >
  3. Businesses Grow More Vulnerable to Email Attacks, Even with Improved Defenses


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Businesses Grow More Vulnerable to Email Attacks, Even with Improved Defenses

RSS Kategorie Pfeil IT Security Nachrichten vom | Quelle: reddit.com Direktlink öffnen

Businesses Grow More Vulnerable to Email Attacks, Even with Improved Defenses

Editor's Note: This post can originally be found on the Agari Email Security blog.

https://i.redd.it/lwn4jicgn3b31.png

By Patrick Peterson

Cybercriminals increasingly use new forms of identity deception to launch an email attack to target your weakest link: humans.

Call it a case of locking the back window while leaving the front door wide open. Throughout the last year, a number of reports have surfaced about sophisticated cyberattacks that are proving all too successful at circumventing the elaborate defenses erected against them.

Firewall? Check. Application security? Check. Endpoints? Those are covered, too. Yet despite the millions organizations spend each year on perimeter security, the bad guys are still winning. In 2018, cybercrime losses exceeded $2.71 billion in the United States alone.

But how can this be possible? How can businesses grow more vulnerable even as their defenses harden? As it turns out, 97% of organizations are failing to effectively leverage modern technology to protect against the number one target cybercriminals use to implement their schemes—human beings.

Indeed, whether it’s the Marriott breach that exposed the personal information of up to 500 million people or the 12 million patient records stolen through the Quest Diagnostics breach, cyberattacks tend to have one thing in common—they almost all involve identity deception perpetrated against specific individuals. And that means they almost always start with email.

Mission Impersonate for Data Access

The fact is, email is still the most popular tool for business communication and collaboration. But most email security systems are falling short in protecting organizations against fraud.

Today, up to 94% of data breaches start with an email reaching a well-placed target. And while you may think this number is excessively high, we’re not talking about the typo-laden phishing email attacks of the early 2000s.

Cybercriminals now produce flawlessly crafted messages capable of deceiving virtually anyone. They’ve also come to understand something far more critical to their success—you’re much more likely to be fooled into disclosing sensitive information or downloading dangerous malware if you’re reacting to a trusted colleague or someone you wish to impress.

Take the current trend in file-sharing email fraud. According to CSO, cyberthieves are increasingly leveraging information from social media to target corporate employees and then posing as colleagues and sending them file-sharing phishing emails from OneDrive and other popular cloud services.

Embedded links within the emails lead recipients to fake sign-in pages, where they’re prompted to enter their personal credentials. Attackers then leverage those credentials to hijack the real accounts of victims, where they can steal valuable information, access contact lists, and launch ever-more devastating attacks.

The problem is that most email security solutions can’t detect this kind of fraud because the login page is hosted on a compromised website with a good reputation.

Advanced Email Attacks: Personalized & Pernicious

Most identity deception-based email attacks increasingly follow a similar playbook. First, they leverage popular cloud services in order to make infrastructure reputation less reliable. After all, it’s not as if organizations can simply blacklist the likes of Google or Microsoft, since they also send a large amount of legitimate email.

Second, they appear to come from identities and brands the target trusts. Think simple display name ploys, where fraudsters insert a trusted identity within the “from” field within Gmail and Yahoo so it appears to be legitimate. Or domain spoofing, which involves displaying a legitimate email address, which is possible when organizations do not secure their brands from cybercriminals. But that’s not all.

In a look-alike domain email attack, criminals substitute say, “invoices-acme.com” for an actual domain, like “acme.com,” to send fraudulent invoices. And then there are account takeover attacks, which originate from legitimate (but compromised) accounts and are notoriously difficult to detect since there is little indication that the emails are not who they say they are from.

Whatever the technique, the highly personalized messages within these emails are designed to be indistinguishable from everyday business email—rendering traditional content analysis ineffective. The goal is to manipulate the recipient into taking some action or disclose some piece of information that they assume will be safe, and unfortunately, they are more successful than we’d like.

Stemming the tide of such attacks won’t be easy.

Securing the New Perimeter Against Phishing Attacks

Security awareness and phishing training can help employees detect some of these new forms of email attacks. But the quality and sheer volume of new email schemes mean that will only go so far.

And yes, Domain-based Message Authentication Reporting and Conformance (DMARC)protocols can help stop domain spoofing and brand hijacking. But 97% of companies have yet to set up policy parameters to optimize effectiveness. But even then, this doesn’t protect against all the attacks that target employees and partners.

It’s also unclear how many organizations are deploying machine learning technologies with the kind of modeling and analytics capabilities needed to go beyond content analysis and infrastructure reputation to assess people, relationships, and behaviors and put an end to the identity deception-based email attack.

As it stands now, there probably aren’t enough of them. Cybercrime is only continuing to increase as criminals become smarter, so we must be prepared to take a stand against them. All this to say, we better hope more organizations move beyond just securing that “back window” on the perimeter—and stop the endless stream of identity-based email attacks flowing through their front door.

To learn more about identity deception and the rapidly evolving threat from email attacks, download our report on the latest trends in email fraud.

submitted by /u/AgariInc
[link] [comments]
...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu Businesses Grow More Vulnerable to Email Attacks, Even with Improved Defenses






Ähnliche Beiträge

  • 1. Using ML to Stop Latent Email Attacks That Dodge Early Detection vom 283.36 Punkte ic_school_black_18dp
    Editor's Note: This blog post was originally found on the Agari Email Security blog. https://i.redd.it/7c4i38jbupc31.png By Scot Kennedy When implemented effectively, real-world deployments of machine learning (ML)-based email security can block b
  • 2. Businesses Grow More Vulnerable to Email Attacks, Even with Improved Defenses vom 278.53 Punkte ic_school_black_18dp
    Editor's Note: This post can originally be found on the Agari Email Security blog. ​ https://i.redd.it/lwn4jicgn3b31.png By Patrick Peterson ​ Cybercriminals increasingly use new forms of identity deception to launch an email attack to target yo
  • 3. "Can I Take Over XYZ?" - A List Of Services And How To Claim (Sub)Domains With Dangling DNS Records. vom 166.24 Punkte ic_school_black_18dp
    What is a subdomain takeover?Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or deleted. This allows an attacker to set up a page on the s
  • 4. APPLE-SA-2016-02-25-1 Apple TV 7.2.1 vom 129.48 Punkte ic_school_black_18dp
    From: Apple Product SecurityReply to listAPPLE-SA-2016-02-25-1 Apple TV 7.2.1 Apple TV 7.2.1 is now available and addresses the following: bootp Available for: Apple TV (3rd Generation) Impact: A malicious Wi-Fi network may be able to determine netwo
  • 5. BIMI Moves Forward as Google Commits to Pilot Program vom 117.24 Punkte ic_school_black_18dp
    Editor's Note: This blog post was originally found in the Agari Email Security blog. https://i.redd.it/1wr50acjppc31.png By Armen Najarian BIMI is going big time like never before—and brands won’t want to get left behind. In a major announc
  • 6. Dealing with the Global Threat of BEC Attacks as Cybercriminals Go International vom 107.59 Punkte ic_school_black_18dp
    Editor's Note: This blog post was originally found on the Agari Email Security blog. https://i.redd.it/195otpf7fhd31.png By Patrick Peterson Business email compromise (BEC) attacks are still a prime tool in the arsenal of cybercriminals when it com
  • 7. Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability vom 97.45 Punkte ic_school_black_18dp
    This is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry an
  • 8. The Malicious Use of Artificial Intelligence in Cybersecurity vom 95.83 Punkte ic_school_black_18dp
    Criminals and Nation-state Actors Will Use Machine Learning Capabilities to Increase the Speed and Accuracy of Attacks Scientists from leading universities, including Stanford and Yale in the U.S. and Oxford and Cambridge in the UK, together with civil societ
  • 9. Top 5 Secure Dark Web Email Sigaint|Torbox|Bitmessage|Mail2tor vom 86.03 Punkte ic_school_black_18dp
    Dark-web-emailDark web is also known as hidden internet.Lot's of dark web browser are available which provide the access to dark web.Now a days,dark internet website increased due to security and privacy issue.People using the dark internet to surf the net anon
  • 10. Top 5 Secure Dark Web Email Sigaint|Torbox|Bitmessage|Mail2tor vom 86.03 Punkte ic_school_black_18dp
    Dark-web-emailDark web is also known as hidden internet.Lot's of dark web browser are available which provide the access to dark web.Now a days,dark internet website increased due to security and privacy issue.People using the dark internet to surf the net anon
  • 11. AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide vom 85.29 Punkte ic_school_black_18dp
    Original release date: October 11, 2018Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5] In it we highlight the use of five publicly a
  • 12. Understanding differences between corporate and consumer Gmail threats vom 81.42 Punkte ic_school_black_18dp
    Posted by Ali Zand and Vijay Eranti, Anti-Abuse Research and Gmail AbuseWe are constantly working to protect our users, and quickly adapt to new online threats. This work never stops: every minute, we prevent over 10 million unsafe or unwanted emails f