Protect Yourself and Your Clients From Targeted Email Attacks

Among the countless ways humans communicate, email remains one of the most popular. Embraced by individuals, businesses, academia, governments, and more, it is ubiquitous and user-friendly, accessible and affordable. Unfortunately, when it comes to cybercrime, it is also cheap, easily exploited, prone to human error, and therefore still the most commonly used by cyber criminals and other threat actors.

In a sense, phishing – the attempt to compromise personal info, steal credentials, or convince someone to take a harmful action – weaponizes email. These opportunistic social engineering attacks prey on human nature, which can be trusting, ill-informed, arrogant, or simply lazy.

Widespread, expensive, and eyeing your enterprise

More than ever, phishing emails are rampant and costly. Verizon’s 2020 Data Breach Investigations Report found that 90% of all cyberattacks began with a phishing email. And the US Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) reported that Business Email Compromise (BEC) scams, a specific type of phishing attempt, cost businesses more than $2.1 billion over a six-year period.

Given the human element that makes phishing attacks so successful, it would be easy to assume that most attempts are made on individuals or small businesses. And while these are certainly common targets, large organizations can be just as vulnerable. Given the lucrative possibilities for attackers, enterprises and governments are often the targets of spear phishing, whaling, and BEC attacks.

The potential damages from these attacks are more than financial. Organizations stand to lose data, productivity, brand equity, and worst of all, end-user customers worried about the integrity of information and systems.

Your SEG is not going to save you…and neither is your cloud email provider

Chances are, you already know your organization makes an attractive target. And so, you rely on traditional measures like secure email gateways (SEGs) or your cloud email provider’s built-in protections will keep you safe. The unfortunate reality is that these tools are not sufficient – and they’re not as secure as you may think.

Today, more businesses are migrating from premises-based email programs to simpler, cheaper cloud-based email. Most of the reputable cloud-based email services offer built-in security features. This sounds ideal, except that SEGs don’t:

  • Always work seamlessly with these cloud-based programs
  • Focused on known threats and indications of compromise
  • Not designed to deal with the kind of phishing emails companies experience in our current reality.

Beyond functional challenges lies an adversarial one: the perpetrators of these attacks are incredibly smart. They can best your SEGs by understanding their blind spots, breaching your accounts, and carrying out their attacks despite your defensive measures.

The bottom line is that preventative technologies like SEGs and built-in email security protections from cloud providers are always destined to fail, as attackers will simply figure out how to get around them. The cyber security industry as a whole, and IRONSCALES specifically, have moved to a detect and respond model, which provides greater flexibility, adaptability and speed to deal with constantly evolving threats.

To avoid phishing attacks, dress in layers

Those same attackers often have more than just smarts – they’re usually very well-funded. As they use that funding to develop new, more advanced methods to breach networks and systems, security and risk management teams must find new ways to defend their assets. Enterprises in particular, with global locations, assets, employees, and customers, will need to consider a layered approach to email security to thwart attackers. Without it, they will constantly be playing catch-up. Email security at the gateway isn’t enough to detect the latest threats. Companies must go one layer deeper and protect at the mailbox itself.

Global problems require global solutions

Webhelp, a multinational enterprise specializing in Business Process Outsourcing (BPO), faced a similar situation in mid-2020. With more than 65,000 employees and operations in 50-plus countries, Webhelp was beset with myriad clients, systems, and compliance requirements. Having scaled up the business in a short time, the diverse organization had increased its footprint and grown its client base, but was also facing an unwieldy environment made more challenging by constant phishing attacks. And the perpetrators were putting Webhelp’s business at greater risk by focusing attacks directly on clients.

The enterprise was using a popular cloud-based email system, but its native security features were woefully insufficient given the number of users Webhelp needed to support. The SOC team knew it needed help with its dilemma and turned to IRONSCALES.

The solution we implemented for Webhelp supplemented their existing security measures by enabling the analysis, mitigation, and remediation of phishing threats automatically or on-demand at the click of a button. Employee simulation and training software improved overall phishing awareness, so the organization was twice protected, without the limitations presented by the native security features.

Read the complete case study to learn more about our solutions for Webhelp, and discover how we can help your enterprise better defend against sophisticated phishing attacks.

Eyal Benishti
Post by Eyal Benishti
March 19, 2021