Email is the most common attack vector for business cybersecurity breaches. It’s estimated that over 330 billion emails will be sent every day this year — and while training users to recognize potential email-borne threats is important, slip-ups are inevitable when dealing with such vast volumes of messages.With the average breach costing $5 million, just one successful attack can spell doom for a small business. MSPs must take steps to understand the threat posed by business email compromise (BEC) attacks, and to ensure their clients are fully protected.CEO fraud is perhaps the most common form of BEC attack. Cybercriminals use highly targeted emails, spoofing the account of a CEO or other senior executive figure (or in some cases, obtaining access to the genuine account), to send seemingly legitimate requests for money or data. A prominent example is when hackers impersonated Snapchat’s CEO to obtain highly sensitive information about company employees in February 2016. Vendor email compromise (VEC) is where a cybercriminal gets in through one of the vendors working with the company. In March 2021, a cybercriminal compromised the email account of a law firm and sent a password-protected file including malware in the package. Because it came from a regular partner, the recipient didn't identify the email as suspicious. False invoice schemes involve sending an invoice for payment for services that were not provided. For example, in 2013–2015, even Facebook and Google fell victim to a gang of cybercriminals who had set up a fake company and billed $121 million using legitimate-appearing invoices to their accounts payable departments. Early detection methods: Machine learning-based software to identify threats, using techniques such as domain-based message authentication, reporting, and conformance (DMARC); DomainKeys identified mail (DKIM); and sender policy framework (SPF). SPF is an authentication technique that enables receivers to identify fake emails ― even those originating from trusted domains. Scan all incoming email traffic: This should be done using advanced rapid-scanning techniques. Pattern and link recognition: Machine learning tools identify potentially dangerous links based on both actual URLs and familiar patterns from malware attacks. And computer vision analysis can recognize anomalies in images attached to emails. Attack pattern detection: Some machine learning and AI software packages identify patterns of virus behavior, such as computer virus signatures and irregularities in CPU usage. Creating a checklist of email security essentials and requirements for vendor selection Identifying the vendors, integrators and cloud offerings that meet these requirements Considering a vendor’s reputation based on independent lab reviews, customer testimonials, and discussions with the vendors themselves Reviewing demos and trialing software from shortlisted vendors The best security partners will invest time in creating a detailed proof-of-concept and customized solution for MSPs. One-size-fits-all solutions are far from ideal for most MSPs, who often need to provide different capabilities to different clients (without paying for anything unnecessary). Testing customized solutions in a sandbox environment is important to ensure complete protection coverage.
This guest blog is courtesy of Acronis. Read more Acronis guest blogs here. Regularly contributed guest blogs are part of ChannelE2E’s sponsorship program.
Channel
Getting Email Security Right: The MSP Perspective
Email marketing online message network communication internet
You can skip this ad in 5 seconds