How to protect your business from an impersonation email attack
An impersonation email attack can come in many different variations. They can appear to come from a boss, friend, vendor, government agency or any other trusted source. These attacks may claim they contain overdue invoices, confirmation links or just request the receiver complete a task such as wire or file transfers.
By now companies should be well aware of the growing threat of cybercrime and data theft to their business. One particular type of crime is rapidly on the increase and is constantly evolving in its level of sophistication…….impersonation attacks.
In the example below Mike Smith is the boss of the recipient. Everything appears very real with only one tiny difference which would be very easy to miss. Attempts like this are regularly successful, and not discovered as fake until it’s too late.
Impersonation attacks may seem very authentic and can be hard for users to identify as email attacks. Completing a requested action contained within such a malicious email can have many unwanted consequences including:
- Infection of company systems (ransomware, keylogging etc)
- Loss of corporate finances
- Breach of company data
- Breach of employee data
Intrasource partners with the Email Laundry to bring you excellence in email protection.
To help combat the growing threat of impersonation attacks, the Email laundry makes use of machine learning, threat intelligence, and content analysis to identify them before they reach the user’s inbox.
The machine learning system takes a large set of data, analyses it and learns from it. Then by combining it with threat intelligence it can identify patterns and make predictions on whether an email is dangerous on the connection level.
Many targets originate from newly registered domains. There is normally a 24-hour delay between the registration of a domain and the publication of the newly registered domain lists that security services use to identify and blacklist malicious domains. The Email Laundry is able to check these lists before they are published, allowing them to catch the first malicious email sent from a domain without having to wait for an attack to react.
Using sophisticated and powerful content analysis the Email Laundry is able to catch any harmful emails that have passed through the connection level. Using a variety of filters, they can identify these types of potentially dangerous emails including:
- Newly registered URLs
- Similar to domains
- Sounds like domains
- Friendly display name
- Friendly name
High-level protection from impersonation attacks is just one of many benefits of deploying The Email Laundry as your email security service.
Unlike traditional anti-spam services, The Email Laundry is a threat intelligence company, specialising in detecting new variants of ransomware and spear-phishing attacks before anyone else. In some cases, they’ve picked up new strains of malware 22 hours before the best-known commercial AV engines.
They also partner with the EU on a cybercrime project – which allows them to monitor email traffic across a wide range of networks, particularly in Eastern Europe. This enables them to detect new threat patterns and to predict where the next attack will come from before it has been launched.
All of this intelligence goes into the email security service. Why is this important to know? They are the generator of this intelligence, and components of their service are used in other security products. It’s important for businesses to use a tier 1 provider in this respect, and to know the difference between that and an anti-spam company that just white labels someone else’s service.