Following the highly publicized (and successful) $4M+ ransom of Colonial Pipeline, attacks like these will only get more popular. Indeed this week, the New York Times reported “Ransomware Disrupts Meat Plants in Latest Attack on Critical U.S. Business.“
These attacks are here to stay. Are you ready?
Related: Security Awareness Training Won’t Give CISOs or Employees Peace of Mind
SEGs are not enough
Despite investing a record $3B in Secure Email Gateways (SEGs) in 2019, US companies still lost $1.7B to phishing.
That’s because SEGs scan incoming messages once, by referencing a database of known threats. Many SEGS, such as Microsoft Defender, have a feature called Microsoft Safe Links, which adds add time-of-Click Protection (URL re-writing). This gives users a second chance to catch phishing threats as they click links in message bodies. This measure still relies on databases of known threats and attackers easily defeat it by simply putting the URLs in attachments or other basic evasion technique.
Meanwhile:
- Spear phishing and Business Email Compromise (BEC) attacks don’t contain URLs or attachments, so they appear harmless to the SEG.
- Cousin domains are used to obfuscate URLs.
- Attackers serve up local versions of a spoofed site, so the domain looks legitimate.
- Trustworthy form-builder services like Microsoft forms, Google forms, Typeform, 123formbuilder and Native forms are leveraged.
- And attackers are constantly iterating and launching new threats.
Once the tainted email has evaded the SEG, the user is your only line of defense.
Time to layer Inbox Detection and Response on top of SEGs
Inbox Security is a new technology – advanced algorithms continually monitors the user’s entire mailbox, finding phishing emails, tagging them, and cleaning up all affected mailboxes so users can’t engage with the threats. Without disrupting the user.
Cyren Inbox Security was built to safeguard each and every Microsoft 365 mailbox in your organization. It is a continuous and automated layer of security that:
- Persistently rescans inbound, outbound and delivered emails in all folders
- Reduces investigative overhead with automated incident and case management workflows
- A seamless mailbox plugin lets users scan and report suspicious emails
Our threat visibility is unsurpassed. Cyren’s global security cloud processes 25 billion email and web security transactions every day; identifies 9 new threats and blocks over 3,000 known threats each second.
Ready to play with Cyren Inbox Security for Microsoft 365? Start a 30-day trial, no credit card needed >