Business email compromise (BEC) and account takeover (ATO) attacks are on the rise, and the damage they inflict is getting more expensive. An FBI report found that BEC scams grew 136 percent from 2016 to 2018, totaling $12 billion in losses. Other estimates put BEC growth in the past year alone at nearly 500 percent. Further, a study by Barracuda found that there was a “startling rise” in the number of ATO attacks in March 2019 alone, where hackers had compromised Office 365 accounts in 29 percent of the organizations surveyed. As a result, hackers were able to send more than 1.5 million malicious and spam emails.
In BEC and ATO attacks, cybercriminals steal email credentials and then use the compromised accounts to launch other types of attacks, including phishing and spear phishing. In some cases, they scam tax data from employees, swipe employees’ personal information from human resources or payroll departments, or target employees that perform wire transfer payments in order to initiate fraudulent money transfers.
BEC and ATO attacks are highly targeted and much more sophisticated than run-of-the-mill phishing scams and can cause more financial damage. They are also more difficult for standard email security solutions to detect because they are carried out using legitimate corporate email accounts. Most email security systems don’t monitor businesses’ internal traffic, so attacks can go undetected for days or weeks. Business email compromise also relies heavily on psychological manipulation rather than directing users to spoof websites or other suspicious domains, making them either harder to protect against.
This begs the question – how do you fight a more intelligent cyber criminal? The answer to that is, with a more intelligent security solution – one that is powered by artificial intelligence (AI). AI-based email security tools can easily spot email anomalies that the naked eye might miss, and “learn” how to identify and stop BEC and other attacks.
AI Email Security: A Smarter Approach
In most scenarios, email security systems look beyond the firewall in order to stop traditional attacks. Those might include spam or phishing emails, links to spoofed websites, malicious embedded code, and more. But, today’s AI-based systems leverage deep learning to analyze the content of all communications, both external and internal, to spot attacks that are already underway inside the network.
An example of this technology is Barracuda Sentinel, which uses AI to detect such attacks by analyzing historical and inbound data to help spot odd user behavior, unusual content, or link forwarding. The system can quarantine suspicious emails and block malicious emails that can lead to password theft or account takeover.
Over time, the AI engine gets smarter, because it can analyze every email and learn how each user behaves under normal circumstances. Any false positives can also be used to help the system perform better in the future. Unlike other security solutions that have to play catch-up as external threats evolve, an AI-based system can grow and adapt to new threats as they emerge.
The reality is that a security gateway isn’t going to stop these types of attacks, because those solutions aren’t designed to spot that level of nuance in email behavior.
With an AI-powered solution in place to provide early warnings, attacks can be stopped before data or money is lost, and prevent attackers from using your company’s servers to launch attacks against other organizations.
The data generated by the solution can also help improve training and other programs. Barracuda’s Sentinel uses machine learning to identify high-risk individuals and suspicious behavior without manual intervention. In addition to automatically flagging and quarantining the emails, the system can be used to help identify employees who may need additional training. Because so much of the work is automated, the solution can also reduce the security burden on IT professionals, so they can focus on other activities that can help improve security.
An AI-based system can also integrate with traditional email security and anti-phishing solutions to provide end-to-end protection. AI won’t stop every attack, but it can help stop BEC and other breaches early on.
For clients that face an increasing number of sophisticated email scams, automation and additional internal security can help protect employee and customer data, and prevent the types of large financial losses that are increasingly common in BEC attacks.