Cyberthreats against corporations are constant and evolving. Even the most security-conscious can leave the tiniest opening that is enough to let the worst criminals gain access. And it just takes one vulnerability to bring a business, and its reputation, down. According to a recent report, Trojans continued to be the main source of malware (51.5%), beating out the venerable crew of viruses (23%), worms (13%), PUPs (11%), and spyware (2%).
More than 90 percent of attacks come through email, according to Julian Martin, Vice President of Business Development at Mimecast. Of all the nastiness out there, spear phishing attacks are among the most challenging to defend against. Spear phishing is an e-mail spoofing fraud attempt that is aimed at a particular organization, seeking unauthorized access to confidential data. Highly targeted, spear phishing is created specifically to pass through standard security gateways, Martin noted. Used in conjunction with spoofing — forging the header of an email — it's a huge threat to CIOs and their corporations.
Martin spoke with us at the Midsize Enterprise Summit in Indianapolis recently about his company's latest solution to these types of email breaches: Mimecast Targeted Threat Protection.
"It's a targeted threat protection family, of which there are three components: A URL protect component, an attachment protection component, and an impersonation protection component," Martin explained.
The URL protection component uses real-time scanning of all URLs within incoming and archived emails on every click to shield customers from immediate and delayed attacks.
Additionally, the attachment protection provides pre-emptive sandboxing security checks on attachments before they are delivered, to help prevent exposure to malware. Finally, the impersonation protection component prevents employees from being duped into making fraudulent wire transfers by identifying and then marking or quarantining suspicious messages.
However, it's not software alone that will protect companies from security breaches through email. "It's user awareness, on top of technology, that will solve the problem," Martin said.
Consider that, quite often, so-called "urgent" messages will come from an email address that, especially at first glance, looks deceptively authentic. A slight misspelling in an email address or a convincing "alternate" address — such as email@example.com rather than firstname.lastname@example.org — can be innocently opened by the unsuspecting. For instance, email addresses with the "rn" letter combination are easy targets for impersonation, Martin noted, as the quick reader might not notice an "m" replacing the "rn."
In the most heinous cases — or creative ones, depending on your perspective — deceptive emails are sent from fraudsters posing as C-level executives to new administrative assistants or others with similar titles. Martin explained the criminals are well versed in how to scour the internet to learn who the newest employees are at a targeted business. Those new employees are most vulnerable because they are the most eager to please the boss. When an email that might look suspicious to a veteran employee comes through to a new worker's inbox, say an after-hours request for a wire transfer, it is generally done, in order to impress the "boss."
Unfortunately, what results is not the type of attention most employees want to receive.
"It's educating the user that is critical," Martin stressed. "And that is what we do."