Stop Email Compromise from Crushing Your Business

CHECKPOINT SECURITY SOLUTION
5 WAYS TO STOP BUSINESS EMAIL COMPROMISE FROM CRUSHING YOUR BUSINESS

OVERVIEW:
Business Email Compromise attacks are the hottest trend from cyber attackers. These seemingly simple attacks are doing major damage. In 2023, according to the FBI, Americans lost $2.9 billion to BEC attacks. That’s up from $1.8 billion in 2020.

The Internet Crime Complaint Center (IC3) received 21 489 complaints related to Business Email Compromise. In fact, BEC ranks ahead of ransomware in complaints.

Gartner found that BECs increased by nearly 100% in 2019 and through 2023, predicts that BEC attacks will continue to double each year, at a cost of over $5 billion to its victims. It affects organizations of all sizes, in all industries, and it victimizes executives and regular employees alike. BEC has fooled Google and Facebook for $100 Million and a small church in Ohio for $1.8 Million. Sequoia Capital was breached via a BEC. It’s hard to avoid these days.

SOLUTION EXECUTIVE SUMMARY HIGHLIGHTS:

What, exactly, is a BEC attack and why has it taken over the entire cyber world?

  • Business Email Compromise (BEC) attacks are some of the most popular and financially damaging attacks in the cyberworld.
  • Easy to pull off and tough to stop, these attacks are gutting organizations for massive amounts of money.
  • Without specific and proper protections for BEC, organizations will have a difficult time defending against these attacks

 There are ways to prevent BEC attacks from entering your ecosystem.

5 WAYS TO STOP BEC ATTACKS

1. INTERNAL CONTEXT
Checkpoint Harmony Email & Collaboration provides context on what’s normal and what’s not.
It scans and quarantines both internal and external email and files in real-time, protecting against east-west attacks and insider threats.

2. LOCAL AI
Both Microsoft and Google have the internal access required to prevent BEC attacks and many of their anti-spoofing tools do a good job at blocking basic attacks, but their infrastructure cannot perform the per-customer contextual analysis required for most BEC attacks. They work with far too many companies and customers to properly monitor all internal accounts and understand an organization’s relationship and reputation patterns.

3. ACCOUNT TAKEOVER PROTECTION
We do a historical scan that monitors over 100 event indicators and correlates them to identify previously compromised accounts. We can notify admins or send notifications to SIEMs/orchestration systems to disable an account until an MFA and/or password reset is made.

Among the many things we monitor:

  • New logins from new devices, locations, or browser
  • Suspicious mailbox configurations
  • Disabling of multi-factor authentication
  • Multiple password resets in short periods of time

By coordinating these indicators, we can understand when an account might be in the process of being taken over and block it accordingly.

4. FULL-SUITE SECURITY
If someone is duped into sharing a spreadsheet over Teams with sensitive info (e.g., credit card numbers, SSNs, etc.), we would stop that traffic. Further, the Teams and Slack anomaly engine monitors all Teams logins and events for suspicious activity.

If you don’t have security for all your apps, hackers will eventually ply their wares where they won’t be stopped.

5. FULL INTEGRATION WITH AZURE ACTIVE DIRECTORY/GOOGLE DIRECTORY
Check Point Harmony Email & Collaboration automatically integrates with Azure Active Directory or Google Active Directory. Check Point Harmony Email & Collaboration uses algorithms to looks for user impersonation, and whether a single sender exists in the organization with a different address. Check Point Harmony Email & Collaboration can do that by cross-referencing several fields, such as sender and signature.

To talk to a representative about a Checkpoint Security Solution for your business, contact us today at info@introstat.co.za