There have been rising levels of socially engineered attacks especially against cloud-based email systems like Microsoft 365, according to Verizon’s Data Breach Report.1 Socially engineered attacks require a different kind of defense than the standard email security implementations.
Three Types of Socially Engineered Email Attacks
Spear Phishing
“Spear” is used to signify a highly targeted phishing attack. Spear phishers send emails that look to have come from a trusted source and sent to a narrow group, like subscribers of a particular service or employees of a company. These scam emails often request data like user names or passwords.
Business Email Compromise
In a business email compromise attack, criminals send an email message using the name of a known source making a plausible request. For example a vendor seems to ask for your credit card information or a bank looks like it’s giving updated instructions on wiring a payment.
Account Takeover
In an account takeover, hackers get access to corporate email accounts through stolen credentials. These internal accounts are then used to launch subsequent targeted attacks. It’s difficult to detect these attacks since they don’t rely on impersonation techniques, but come from a same-server, legitimate account.
An Artificial Intelligence-Based Defense that Analyzes Every Email
Bryley engineers have added important software to Bryley’s arsenal for combatting socially engineered attacks and the various other kinds of offensives launched on our email accounts. Called Bryley Advanced Email Protection, it gives Artificial-Intelligence-powered protection against all forms of email attack.
The Gateway Layer Is a Rules-Based Filter
The email gateway is a boundary layer in front of your email server. It scans inbound and outbound email messages for malicious intent, malware, authentication issues, URL reputation and it checks against blacklists. The gateway blocks emails that lead to phishing sites or malware-distribution sites. A gateway is good for finding and blocking zero-day attacks (the exploitation of unpatched vulnerabilities) and ransomware.
But because the gateway’s filters are based on rules and policies, gateways are not built for targeted strikes like social-engineering-based attacks. Gateway-only solutions often lead to false positives, preventing good emails from getting through. So Bryley Advanced Email Threat Protection pre-filters email traffic and identifies the great majority of threats. Then it passes along only the few, remaining, suspicious emails to a sandbox layer to confirm zero-day threats and block them.
The Sandboxing Layer Contains and Tests the Unknown
Sandboxing analyzes unusual, potential malware in a protected environment. New threats are sent by email every day, so these cannot be handled by gateway filters. Sandboxing is an added, defensive layer in which any email that gets past the gateway’s filters, but still contains unknown file types, URL links or otherwise questionable content can be tested before they reach your inbox.
The API Layer Defeats Social-Engineering Attacks
Protection from socially-engineered attacks comes from an Application Programming Interface (API [controls the interaction of specific software tools2]) that meshes with your email system and individual mailboxes. API integration gives visibility into historical and internal email communication for every email account in the system. It uses this data interpreted by AI to create a communication identity graph, a statistical model specific to each user. The identity graph reveals unusual communication patterns outside of the statistical model. This API system predicts and stops spear phishing attempts. So, for example, when a vendor makes a request originating at a domain not seen before, the API flags and blocks it.
Bryley Advanced Email Threat Protection, through its API detects both account takeover attempts and attacks launched from compromised accounts. Bryley Advanced Email Threat Protection’s API is also able to prevent attempts to compromise credentials by blocking spear phishing emails trying to steal employee passwords.
Layers to Defend Your Email Server and Your Business
Nearly eighty percent of organizations are using M365 with no extra security.3 Microsoft provides a layer of security. But Bryley Advanced Email Protection is unlike anything Microsoft or Google Workspace offer. It’s an AI-based system built to learn the internal and outward-facing behaviors of your organization, and treat emails that conform or deviate appropriately. So choose to put Bryley Advanced Email Threat Protection layers in front of your email server and you’ve multiplied your defenses against criminal behavior.
The tools Bryley uses to accomplish protecting and preserving data continue to change as technologies evolve. Bryley Advanced Email Protection is the result of Bryley engineers’ continual software and hardware evaluations to better ensure its clients’ businesses are not disrupted.
Bryley Systems has helped organizations achieve continuity through managed IT since 1987. If you would like more information about Bryley’s approach to Email Protection please complete the form, below, call 978.562.6077 or email ITExperts@Bryley.com.
- https://www.verizon.com/business/resources/reports/dbir/
- https://www.webopedia.com/definitions/api/
- Barracuda
Bryley Advanced Email Threat Protection is part of the Bryley Business Continuity Pyramid
Business continuity is the planning and process by which organizations maintain operation, not severely disrupted by a disaster or other unwanted incident.
Bryley Advanced Email Threat Protection At-A-Glance
- Multiple layers of defense
- Bryley Advanced Email Threat Protection combines gateway defense with artificial intelligence (AI) inbox protection to defend your users’ mailboxes against all the types of email threats.
- Protection is informed by both a threat intelligence database and artificial intelligence
- The database collects email, network and application threat data from over 200,000 businesses
- AI analyzes communication behavior to detect and stop impersonation attacks in real time
- Bryley Advanced Email Threat Protection represents an advance in blocking access to malicious content to make web use safer for your employees
Request More Information
About Us
Services
Archive
- June 2026
- May 2026
- April 2026
- March 2026
- February 2026
- January 2026
- December 2025
- November 2025
- October 2025
- September 2025
- August 2025
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- July 2024
- May 2024
- December 2023
- November 2023
- September 2023
- May 2023
- March 2023
- November 2022
- June 2022
- September 2021
- August 2021
- July 2021
- May 2021
- December 2019
- September 2019
- May 2019
- December 2018
- November 2018
- October 2018
- June 2018
- April 2018
- October 2017
- September 2017
- August 2017
- April 2017
- February 2017
- November 2016
- June 2015