Keeping Yourself Protected Against Email Based Threats

The threat landscape is ever changing, meaning protecting email for your business can be an intimidating task.

Whilst unsophisticated brute force attacks remain common and building a strong gateway defense against these is vital, threats are increasingly coming from attackers that are using a variety of smart techniques to avoid detection.

This is illustrated by the fact that only 7% of spear phishing attacks come as a result of direct business email compromise. The rest take advantage of techniques that are much harder to detect, such as domain impersonation and conversation hijacking amongst others.

Many of these attacks rely on social engineering and human vulnerability rather than technical means, meaning most email threat protection solutions and strategies are unable to detect them.

The costs to businesses from these types of attack can be very high.

In 2018 the Italian football club, Lazio, were reported to have moved £1.75 million for a player transfer to the account of a hacker via a spoof email.

So what forms can these attacks take?

Account Takeover
Account takeover is where an attacker gains access to an account using legitimate login credentials (often taken from the large-scale credential leaks that have been widely reported), which are then repurposed for malicious ends.

Credential theft of this kind takes advantage of the fact that many people re-use the same password across different logins. In this form of attack, criminals can impersonate the true owner of the account and, for example, ask for money to be transferred into an account that appears legitimate.

Spear Phishing & Social Engineering
Spear phishing is an attempt to gain unauthorised access to information by targeting a specific individual. Emails are spoofed to appear as if they come from a trusted source, often with an urgent request for action. Once the user clicks, they are taken to a page that installs malware or captures sensitive details the attacker can use.

Spear phishing differs from ordinary phishing in that it is aimed at specific individuals (for example a company CFO) with the intention of getting them to complete a specific action, and these attacks are often engineered over time.

Domain Spoofing & Impersonation
This is a variation of phishing where communications are designed to impersonate legitimate domains or sources. For example, an email address may be misspelt by one letter with the intention that the recipient will not notice such a minor difference. These email addresses are then used to send communications that appear to be genuine, with the aim of instigating money transfers and compromising other information through forms and malware.
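The "misspelt by one letter" trick above can be caught mechanically at the gateway or in a mail filter. The following is an added example, not code from the original article or from any product it mentions: it flags sender domains that are within one edit of a protected domain but are not that domain. The protected domains and sample addresses are constructed for the example.

```python
# Added example: detect lookalike sender domains one edit away from a protected domain.
# PROTECTED_DOMAINS is constructed sample data; replace with your own domains.
PROTECTED_DOMAINS = {"clouddirect.example", "lazio.example"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Domain part of an email address, normalised to lowercase."""
    return address.rsplit("@", 1)[-1].strip().lower()


def lookalike_of(address: str, protected=PROTECTED_DOMAINS, max_edits: int = 1):
    """Return the protected domain this sender imitates, or None.

    An exact match is legitimate. A domain within max_edits of a protected one
    (a swapped, dropped or added character) is flagged. Transpositions count
    as two edits here, so raise max_edits (at the cost of false positives) if
    you also want to catch those.
    """
    domain = sender_domain(address)
    if domain in protected:
        return None
    for real in protected:
        if edit_distance(domain, real) <= max_edits:
            return real
    return None


def scan_senders(addresses):
    """Return (address, imitated_domain) pairs for every flagged sender."""
    hits = []
    for addr in addresses:
        real = lookalike_of(addr)
        if real:
            hits.append((addr, real))
    return hits
```

Run `scan_senders` over the From header of inbound mail and route hits to quarantine or a warning banner rather than rejecting outright, since a genuine partner domain can also sit one edit away from yours.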

So how can you protect yourself against them?

Luckily there are some key steps you can take to protect your business.

  1. Educate employees — Teach your employees how to recognise email attacks such as phishing, business email compromise, and conversation hijacking, as well as how to report suspicious messages. Use phishing simulation such as Barracuda Phishline to train users to identify cyberattacks, test the effectiveness of your training, and identify the users most vulnerable to attack.
  2. Add account-takeover protection — Make sure you have technology in place that can detect and block business email compromise and other impersonation attacks. Barracuda Sentinel is available from Cloud Direct and uses AI-based behavioural analysis and awareness of the latest threats to protect your business.
  3. Watch for unusual logins or IP addresses — Use an email security solution to identify suspicious activity, including logins from unusual locations and IP addresses, a potential sign of a compromised account.
  4. Establish policies to confirm transactions — Help employees avoid falling for this type of attack by putting procedures in place to confirm email requests for wire transfers, for example two step sign offs and secure password policies.
  5. Enforce business-wide security policies — Features such as multi-factor authentication are built into Office 365 and will immediately make your business more secure. Ensure all staff are aware of the policy and make its use a requirement for access to the system.

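Step 3 above, watching for logins from unusual locations, is easy to prototype over sign-in logs. This is an added example rather than anything from the article or from the products it names: it parses constructed sample sign-in records and raises an alert when a user signs in from outside their usual countries, or from two different countries within a window too short to travel between them.

```python
from datetime import datetime

# Constructed sample sign-in log: ISO timestamp, user, source IP, country code.
SAMPLE_LOG = """\
2024-03-01T08:02:11Z alice@clouddirect.example 198.51.100.7 GB
2024-03-01T08:40:05Z alice@clouddirect.example 198.51.100.7 GB
2024-03-01T09:05:44Z alice@clouddirect.example 203.0.113.9 NG
2024-03-01T09:30:00Z bob@clouddirect.example 192.0.2.44 GB
"""

# Constructed baseline: countries each user normally signs in from.
BASELINE = {
    "alice@clouddirect.example": {"GB"},
    "bob@clouddirect.example": {"GB"},
}


def parse_log(text):
    """Turn log lines into (timestamp, user, ip, country) tuples."""
    rows = []
    for line in text.splitlines():
        ts, user, ip, country = line.split()
        rows.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, ip, country))
    return rows


def flag_unusual_logins(rows, baseline, max_travel_minutes=120):
    """Return (user, ip, country, reason) alerts.

    A sign-in is flagged when its country is not in the user's baseline, and
    separately when the same user last signed in from a different country
    less than max_travel_minutes earlier (impossible travel).
    """
    alerts = []
    last_seen = {}
    for ts, user, ip, country in sorted(rows):
        if country not in baseline.get(user, set()):
            alerts.append((user, ip, country, "outside baseline"))
        prev = last_seen.get(user)
        if prev and prev[1] != country and (ts - prev[0]).total_seconds() <= max_travel_minutes * 60:
            alerts.append((user, ip, country, "country change within %d minutes" % max_travel_minutes))
        last_seen[user] = (ts, country)
    return alerts


def run_sample():
    return flag_unusual_logins(parse_log(SAMPLE_LOG), BASELINE)
```

In a real deployment the baseline would be learned from each user's history over several weeks, and a hit should trigger a step-up authentication or session revocation rather than just a log line.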
How can Cloud Direct help to keep you secure?

Our Modern Workplace Experts build security into every project and integrate solutions such as Microsoft ATP and Barracuda Total Email Protection to ensure customers are protected as best they can be.

We were the first Microsoft partner in the UK to roll out Microsoft 365 for one of our customers, and we closely monitor the Secure Score for each business we work with so that we can make recommendations that will help them stay protected. Our Modern Workplace Experts have put together a number of resources on this subject, showing how you can make use of the Secure Score for your business.

To find out more about our security services, including our modern workplace security kickstart, get in contact with a member of our team today.
