Ever since the first spam email message, we have been at war with cyber criminals, who seek to subvert our email communications. We are experiencing an online arms race: As anti-spam solutions improve, criminals find ways around these defenses. Business Email Compromise (BEC) is an area where the criminals have the upper hand against traditional Secure Email Gateways (SEGs).
According to Agari’s research, 94% of BEC attacks leverage display name deception. Using a free webmail account, criminals set their display name to match an executive’s name or the name of a vendor, bank or other business. Standards such as SPF, DKIM and DMARC don’t protect against this style of attack, and even purpose-built anti-phishing and anti-malware solutions fail when the phishing link or malware is specially-crafted to only impact the intended victim. Some of the most dangerous attacks do not utilize any sort of payload, again rendering anti-phishing/anti-malware add-ons ineffective.
How can organizations move beyond traditional email security methods to protect against modern BEC attacks?
Join guest speaker Nick Hayes, Senior Analyst of Forrester’s Security and Risk Practice and John Wilson, Agari’s Field Chief Technology Officer, to learn practical ways to ensure your domain isn’t used for scams, your brand reputation isn’t harmed and BEC attacks are rejected from your email gateway.
This webinar discussion will…
- Educate on cyber security trends, industry benchmarks and associated risk
- Discuss real-life use cases to elucidate the email security challenges faced by organizations today
- Review current BEC attack techniques, which include display name deception, look-alike domains and address spoofing
- Recommend practical steps organizations can take to thwart email attacks
- Demonstrate the role of DMARC and filtering email traffic based on good behavior modeling versus bad
