Intermedia Raises the Bar for Email Security with AI Guardian
With cyberattacks up 700% last year1, having the right email protection in place is crucial to protecting your business against increasingly more sophisticated BEC attempts.
What is BEC?
Business Email Compromise (BEC) are targeted attacks that avoid using files or attachments that can be identified as suspicious. Instead, these attacks use social engineering to build trust and then persuade your users to take steps that compromise them or your business. To learn more about BEC, here’s a video. This type of attack is very different from phishing attacks that rely on sending large numbers of emails in the hope that someone will make a mistake and download a malicious payload in an attachment or download from a link or website. BECs are targeted attacks that use public knowledge about your organization from social media or search engines. By identifying employees in different roles, and even relevant topics and events, the attackers builds a scenario that is believable and likely to fool the target.
The most common objectives are to convince an employee to disclose credentials, download ransomware, initiate a financial transfer for a fraudulent invoice, or redirect payroll. But how this is done and the specific objective is constantly evolving.
Why is BEC Relevant?
Although the raw number of these attacks is smaller than typical phishing, the impact is much higher per incident. The FBI tracks BEC crimes as its own category and reported over $1.8 billion in losses, representing 44% of all reported business and consumer losses last year. The size of the reported losses and lower number of reported incidents than other types of attacks translate into very large dollar losses per incident- almost $100,000, making this, according to the FBI, one of the most financially damaging online crimes.
How is BEC different- why does it need a different approach?
Traditional email security essentially relies on known profiles of files, links, users, and domains that have been identified as malicious and cataloged. This approach can be very fast, efficient, and effective against threats that have been seen before or contain malicious payloads that can be identified based on known characteristics. But, while this continues to be an effective approach for these traditional threats, it doesn’t address BEC targeted attacks, which are customized, and don’t contain payloads or malicious links.
BEC attacks are designed to evade these traditional checks so they can get to the user’s mailbox and then deceive them by seeming credible and not raising the suspicion of the user. So, addressing this requires an approach that monitors the user’s mailbox and applies advanced techniques to detect potentially malicious email. AI Guardian is designed to do exactly this, by analyzing the language, context, and historical pattern of emails to identify and stop suspicious emails. AI Guardian is like having a security expert sitting beside your users, warning them about suspicious emails, showing them what to watch out for, and reporting the results to you.
What’s the advantage of our approach?
Intermedia Email Protection is an email security solution designed to protect your organization from sophisticated, real-time email threats that can cripple or even take down your business. It uses multiple industry-leading email scanning engines to prevent traditional spam, viruses, malware, and phishing threats from reaching your mailboxes. And our new AI Guardian adds protection against BEC targeted attacks by analyzing thousands of signals – including the language of the email – to stop a wide range of socially engineered targeted attacks that evade traditional detection. Intermedia Email Protection with AI Guardian provides Intermedia business email customers with the best possible protection in a single easy-to-use service.
For more information please visit our Email Protection page.
1 Bitdefender – Mid-Year Threat Landscape Report 2020