In Verizon’s 2018 Data Breach Digest researchers identified that 90% of successful cyber-attacks began with some form of phishing or email compromise. The objective of these attacks is simple: Trick a user into giving out their username and password. Once their credentials are acquired, they can be sold on the dark web and used in subsequent attacks such as ransomware or identity theft.
Despite the vast majority of cyber-attacks focusing on email as the primary exploit, most businesses have little to no protection in place to prevent these modern attack strategies. Even industry-leading email platforms such as Google’s G Suite or Microsoft’s Office 365 lack these advanced email threat protection measures in all but their most expensive, enterprise-oriented service plans.
Digital Boardwalk is here to protect businesses from the onslaught of these cyber-attacks with our industry leading email threat protection platform: EnsureMail™. Powered by artificial intelligence, machine learning, and a team of cybersecurity experts, EnsureMail™ intelligently protects users’ email with multiple layers of security.
One leading strategy for email compromise is referred to as “Spoofing.” In this technique, an attacker sends an email to your organization and modifies the information within the email to make it appear as though the email came from someone within your organization. Even close inspection of the sender’s email address appears as if it came from a trusted individual internally.
Most who encounter this technique immediately think they have been hacked, and someone is in their email account sending email on their behalf. Contrary to what you might expect, spoofing an email address for any company is very easy to do, and it does not require any “hacking” of your systems.
Digital Boardwalk’s EnsureMail™ solution stops this type of attack with a highly effective countermeasure. Our platform analyzes every email your organization receives, including where the email came from. If the email is made to appear as if it came from someone within your organization but in fact originated somewhere outside, the email is automatically quarantined and prevented from reaching the user’s inbox.
Another common strategy for email compromise, sometimes referred to as “Link Masking,” tricks users into clicking a link in an email that appears to be legitimate but redirects them to a malicious site. This technique is successful against users who tend to click before checking. Even vigilant users, however, can be tricked into clicking malicious links with cleverly structured URLs.
Digital Boardwalk’s EnsureMail™ solution defends against this strategy by sandboxing all links in the email and performing a time-of-click analysis of the site prior to redirecting the user there. If the analysis finds the link to be safe, it will automatically redirect the user within a couple seconds. If, however, the site is questionable or positively identified as malicious, the user is warned and prohibited from reaching the site.
As mentioned earlier, Spoofing is an emerging strategy for “Phishing” for user login credentials. Traditional phishing strategies, however, are still the most common technique used today. In a typical phishing attack, you receive an email from what appears to be a legitimate outside business. The emails are often from major well-known brands such as Microsoft, Google, Netflix, Facebook, and other widely used services.
The reason these emails always claim to be from major brands is because these attacks are not targeted. Instead, they are sent out to tens or even hundreds of thousands of users at a time in hopes that the recipients use the specific platform or service they are spoofing.
Phishing emails typically focus on tricking users into providing their username and password to the attacker. More sophisticated phishing campaigns, however, install malware to execute devastating ransomware attacks.
Regardless of the strategy, Digital Boardwalk’s EnsureMail™ solution keeps you safe by analyzing every email that comes into your organization. If the email displays phishing characteristics, such as spoofing a major brand but not coming from the brand’s trusted domain(s), the email is automatically quarantined and never reaches the user’s inbox.
You may not have considered it, but the openness of the internet allows anyone in the world to send you an email. It is unlikely, however, that you need to receive emails from anyone outside of the United States.
Since many email attacks are launched from foreign countries, you can significantly reduce your risk of attack by simply blocking foreign countries. Digital Boardwalk’s EnsureMail™ solution allows you to block all countries except those you plan to communicate with, automatically quarantining everything else.
…And So Much More!
Our email threat protection solution not only keeps you safe by blocking phishing attempts and other malicious emails, it can also filter out all the junk that clogs up your inbox and hinders productivity. In fact, the average EnsureMail™ customer sees a 70% reduction in received email simply by blocking junk and other unsolicited email!
If you’d like to learn more about how we can keep your organization safe from email-based cyber-attacks, or how we can protect you from the countless other threat vectors, Schedule a Call with us and we’ll be happy to answer your questions.