Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
Email Security has certainly come a long way. With cloud messaging now the standard versus the legacy on premise approach (Lotus Notes anyone?) the strategy of securing these clouds has also experienced a revolution.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
It started with a phish; how did it end up like this? Inspired from the lyrics of the song Mr. Brightside by The Killers, we’ve seen first-hand how phishing threats can end up as million-dollar ransom demands, financial fraud, and other damages to organizations. Is there really a “brightside” to all of this?
The past twelve months have brought unique challenges as the global COVID pandemic forced organizations to adopt new business procedures rapidly. While it had always been business-critical, email became even more crucial.
On the other side, threat actors also focused on emails to launch a variety of attacks, most of which begin with phishing. Phishing can be a profitable business model for attackers. What looks like an innocent email from a long-standing vendor or IT department can lead to shutdowns, loss of data, and financial costs in the millions.
While there’s still uncertainty as we approach the post-COVID world, one thing is clear: inboxes aren’t clean. Threats ranging from nuisance spam to difficult-to-discover but costly business email compromise (BEC) continue to target organizations’ inboxes. We analyzed over 31 million threats discovered from May 1, 2020, to April 30, 2021, across various organizations and found several interesting patterns.
Identity is the key. In phishing, the lowest hanging fruit is credential harvesting. Nearly 10% of malicious attacks involve credential harvesters.
BECs are low volume, high return. Business Email Compromise (BEC) makes up a small percentage of attacks (1.3% based on our data) but represents the most severe financial damage. Had the BEC attacks we detected been successful, they would have resulted in more than $354 million in direct losses.
It’s easy to deceive. 9% of attacks use identity deception such as spoofing, domain impersonation or display name impersonation.
Threat actors “borrow” reputation and legitimacy from common brands. Brand impersonation is another favorite attacker tactic, as we detail in our yearly March Hackness blogs. Our research shows that the top 10 most impersonated brands make up over 56% of all impersonation-based phishing attacks.
Self-reporting and security awareness training are not enough. More than 92% of user-reported phish are benign spam or bulk mail. When security teams chase the false positives, it uses up limited resources, leaving the organization open for critical, truly malicious attacks.
As part of the report, we broke down threat types by volume (see below) as well as highlighted six email attacks including credential harvesters, supply chain attacks, BEC, ransomware, brand impersonation and vishing.
We cannot stress enough the importance of stopping threats before they reach users.
To combat ever-evolving email security threats, many organizations turn toward security awareness training and user-reported phish. However, our research suggests that security awareness training is beneficial only from an educational perspective and is ineffective in stopping most threats. Attackers use highly sophisticated impersonation techniques that fool most employees. In the majority of account takeover attacks, the victim does not even know that they have been compromised.
User-submitted phish is often inaccurate. More than 92% of user-submitted “phish” were benign, spam, or bulk mail that created more work for security teams following-up on false positives. So, what can we do?
Here is our overview of recommendations:
Lockdown your identity. Never reuse your passwords, and use multi-factor authentication (MFA).
Establish protocols and procedures against financial fraud. Train users in proper procedures for financial transactions (e.g., using trusted out-of-band communications to verify changes to payment processes), and train them on what to do if they fall for the phish.
Take a Zero Trust approach with all emails. Verify all email communications, and remove implicit trust. Choose a security system that can detect compromises and apply controls around compromised communications.
Don’t believe what you see. Invest in advanced technologies like optical character recognition (OCR) parsing and natural language understanding (NLU) modeling.
Focus on preemption. It’s easier (and less expensive) to prevent an attack than to deal with the aftermath. With a majority of attacks starting with a phishing email, use a preemptive email security solution. We recommend choosing a cloud-based, dynamically scalable solution that stops attacks before they reach your inboxes.
Area 1 Security is the only company that preemptively stops Business Email Compromise, malware, ransomware and targeted phishing attacks. By focusing on the earliest stages of an attack, Area 1 stops phish — the root cause of 95 percent of breaches — 24 days (on average) before they launch. Area 1 also offers the cybersecurity industry’s first and only performance-based pricing model, Pay-per-Phish.
Area 1 is trusted by Fortune 500 enterprises across financial services, healthcare, critical infrastructure and other industries, to preempt targeted phishing attacks, improve their cybersecurity posture, and change outcomes.
Area 1 is cloud-native, a Certified Microsoft Partner, and Google Cloud Technology Partner of the Year for Security. To learn more, visit www.area1security.com, follow us on LinkedIn, or subscribe to the Phish of the Week newsletter.
Principal Threat Researcher at Area 1
Juliette Cash is a passionate information security professional with over 15 years experience in technical consulting, computer network operations, and cyber threat analysis and research. She has dedicated her career to tracking and defending against highly sophisticated threats to protect both the public and private sectors, including the United States Intelligence Community and the world’s top Fortune 500 companies. As Area 1’s Principal Threat Researcher, Juliette leads the charge in advanced hunting, technical analysis of intrusion activity, and the development of innovative detection techniques that defend against complex and evolving security threats.
Senior Product Manager at Area 1
Kevin Wilson is a Sr. Product Manager at Area 1 Security. Throughout his 14 years in Cyber Security, Kevin has been an Analyst and Engineer in various organizations such as the U.S Navy, First Data, and Lowe’s. Previously he served as the Global Information Security Officer at Guess? Inc as well as a Product Manager for McAfee.
Business Email Compromise (BEC), also sometimes referred to as email account compromise (EAC) or vendor email compromise (VEC), is a type of phishing attack that takes advantage of an existing relationship between a victim and organization.
https://www.area1security.com/wp-content/uploads/2022/04/BlogEmailBanner_BECAttackType_2022APR14.png13072500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-04-18 10:07:242022-04-28 08:48:24Understanding the Four Business Email Compromise Attack Types
Dear America’s sports-loving, company-securing fans: Before you find yourself glued this weekend to (what some call) THE biggest game in college basketball history, we are here to crown the 2022 March Hackness winner!
https://www.area1security.com/wp-content/uploads/2022/03/Champion-Banner_2.png10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-31 06:00:292022-04-28 08:49:23Area 1 Security Announces the Most Spoofed Brand of 2021
Area 1 Security’s Sixth Annual March Hackness: The Perfect Phishing Bracket is here! Learn who made the list of the top brands that attackers use in phishing lures.
https://www.area1security.com/wp-content/uploads/2022/03/SocialBanner_Blog_MarchHackness2021_2500x1000-Copy-2.jpg10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-26 20:45:192022-04-28 08:51:272022 March Hackness: The Return of the Phishing Bracket