From 'Search & Destroy' to Granular Analysis and Beyond: New Machine Learning Tools Enhance Detection, Visualization & Remediation Against a Growing Threat
With advanced identity deception-based email attacks expected to contribute to worldwide losses of more than $600 billion this year, businesses can't afford to let down their guard against the threats hitting their inboxes.
Fact #1: 95%of all successful cyber-attacks start with email sent to a well-targeted victim—including 79 percent of successful ransomware schemes.
Fact #2: 30% of recipients end up opening phishing emails, and more than 1 in 10 click on malicious attachments. Training alone will not address this problem and legacy email security controls are ineffective against these types of attacks.
Which is probably why we're so excited about the Summer '18 release of the Agari Email Trust Platform, which uses advanced AI to protect two trillion emails a year against assailants who hide behind fraudulent identities.
Spoiler alert: This release stops account takeover (ATO) based attacks, one of the most challenging and dangerous vectors around.
Identity Crisis
In case you hadn't noticed, yesterday's clumsy, typo-laden phishing hustles are long gone.
As SEG, APD, TAP and other technologies began to put the brakes on such content-centric approaches, run-of-the-mill email rackets have morphed into something far more insidious.
Today, it's all about identity deception—in which scammers target specific individuals with well-crafted messages that appear to come from a known or trusted sender. Their ploy: manipulate the victim into taking actions they otherwise wouldn't by making them believe the request is coming from a trusted person or organization.
How do they convince their prey that they're legit? Think display name fraud, domain spoofing and lookalike domains. Worst of all: account takeovers in which fraudsters hijack the email accounts of targets' friends, colleagues or trusted brands, where they’re free to mount devastating attacks with impunity.
The best firewall, application and endpoint solutions in the world aren't going to protect you against that. Nor will traditional email security solutions.
In fact, the deception is far easier than you may think, especially when perpetrated from a cloud service like Google or Microsoft. These messages are rarely if ever blocked. And given the sheer volume of messages they deliver, these services are unlikely to ever be blacklisted.
Increasingly, attacks involve fraudulent Office 365 document-sharing invites from colleagues. Others see perpetrators create fake Facebook and LinkedIn identities to aid in their impersonation plots.
And it’s working. After a typical attack is launched, its first target will be compromised in under 4 minutes. According to the FBI, financial losses from these scams are up a staggering 2,370% since 2015.
Innovation to Stop Deception
Fighting back against this kind of deception requires a different approach to cybersecurity. One that goes well beyond content analysis and infrastructure reputation to ferret out fraudsters in innovative new ways.
As I mentioned earlier, employee training to help spot attacks can be a part of that. But the track record speaks for itself.
Domain-based Message Authentication Reporting and Conformance (DMARC) protocols can also be useful, but are better suited for outbound attacks than inbound. We’ll dive more into this in a future post.
That's why solutions like those from Agari use machine learning technologies that combine advanced modeling and analytics capabilities with globally crowdsourced threat intelligence to assess organizations, people, relationships and behaviors to stop attacks from ever reaching their targets.
Those two trillion emails we protect each year? They constitute the communication and collaboration lifeblood of leading Fortune 1,000 companies, including six of the top 10 banks and five of the world's leading social media networks, government agencies and more. Keeping them safe and their brands secure? Kind of a big deal.
With our latest release, we're building on that momentum with innovative, data-driven solutions designed to help businesses better protect themselves from the latest malware-borne threats, gain granular visibility into specific fraud tactics, and "search & destroy" active threats in real time.
That's all just for starters. Read here for more details about the Agari Summer '18 Release.
Rising to the Challenge
The fact is, the battle against identity deception will never truly end. As long as criminals grow more inventive and effective in their schemes, the more businesses will need better solutions to defend against them.
The Summer ’18 release demonstrates our commitment to that fight. We understand that continuous vigilance is needed to identify and counter rapidly-evolving threats as the new technologies and tactics criminals use metastasize.
That's exactly why we continue to innovative—with powerful new enhancements designed to eliminate email as a channel for cyberattacks—and bring businesses and their customers closer to a world without identity deception.
To learn more about identity deception-based email attacks and how advanced machine learning solutions can help disrupt them, download an exclusive white paper on Agari Identity Intelligence.