You are here:Home/Blog Post/Email Compromise Is Insidious and Costly
These are the top Email Subject lines1 in Business Email Compromise (BEC) attacks, the costliest cyberattacks. There were 19,369 reported incidents at a loss of $1.8 billion in 2020, the most recent published data from the FBI.2
A typical Business Email Compromise attack is the result of a credential breach. With stolen email credentials a crook poses as an established vendor, and uses this trusted position to ply company data or funds from you or a colleague.
Because of the surge in these and other types of attacks3 that don’t get blocked by older defense tactics, Bryley offers its clients Bryley Advanced Email Threat Protection, a layered approach to email security. It continues to stop the older and still bountiful phishing-type of attacks and the growing trusted-domain types of attacks like BEC. The defense layers are coordinated by Artificial Intelligence (AI).
The Gateway’s Many Rules and Filters Defend Against Phishing, Malware, Ransomware and Other Threats
Bryley Advanced Email Threat Protection’s multi-layered scanning engines employ a gateway, sandboxing and machine-learning behavioral defenses.
The email gateway is a boundary layer in front of your email server that scans inbound and outbound email messages for malicious intent, malware, authentication issues, URL reputation and it checks against blacklists. This is a good approach for protecting your business’ infrastructure from externally-launched zero-hour (unpatched vulnerability) attacks and ransomware like LockBit and Conti.
The Sandbox Is Where Suspect Emails Go to Die
If the gateway finds a suspicious email attachment, it is shuttled to a cloud-based sandbox environment. These attachments are triggered so the AI can observe and assess the behavior. Emails found to have malicious content are quarantined and admins can be notified. If the attachment was benign, standard processing rules for email apply.
The API Layer Defeats Social-Engineering Attacks
Protection from socially-engineered attacks, like BEC, comes from an Application Programming Interface (API [controls the interaction of specific software tools4]). The API connects with your email system and individuals’ mailboxes. This integration permits visibility into historical and internal email communications. The gathered data is then interpreted by AI to create a statistical model for each user, which also shows any communications that deviate from the statistical model. The result is that the API system predicts and stops socially engineered attacks like BEC, own-account takeover and spear phishing.
Protected from Both Common and Advanced Attacks
Peace-of mind comes from having the right precautions in-place so your organization’s work continues unimpeded. Bryley Advanced Threat Protection is built on years of experience dealing with various types of attacks and offers an AI-driven, layered approach to thoroughly vet and process emails, quarantining any suspicious emails so they do no harm.
If you would like more information about Bryley Advanced Email Threat Protection, please contact us at 978.562.6077 or ITExperts@Bryley.com.
1 Passly 2 https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf 3 Account-takeover attacks are similar, except criminals steal your own company’s credentials to launch attacks from your own server. Usual approaches to email security can’t defend these. 4 https://www.webopedia.com/definitions/api/