July 1, 2020

Has your organization been a victim of email attacks? The answer is most likely yes. According to Proofpoint’s recent 2020 State of the Phish Report, “88% of organizations faced spear phishing in 2019.” Furthermore, over half (55%) of organizations fell victim to at least one successful phishing attack. Spear phishing, along with business email compromise (BEC) and account-takeover, are today’s largest email threats. In fact, the cost of spear phishing and account take over is only continuing to grow, with over $12B reported in losses. So, how can you prevent spear phishing, BEC, and account takeover from infiltrating your organization? With the AI-based threat protection of Barracuda Sentinel.

You might be thinking, “what is spear phishing, and why do I need to protect my organization from it?” Simply put, spear phishing is a more targeted method of phishing – an email targeted at a specific person or department within an organization that appears to be sent from a trusted source. Often, it might seem like a legitimate email from Human Resources asking you to take a survey or open a document – do not do it. This is how cybercriminals access and steal confidential information and credentials. Barracuda Sentinel has powerful capabilities that find threats such as these in your email system that the traditional security gateway cannot find.

As a comprehensive AI solution, Barracuda Sentinel is a cloud service that protects organizations from email compromises through “an artificial intelligence engine that stops spear phishing in real time, [an] API-based architecture [that] learn[s] from historical communication patterns, and brand protection using DMARC authentication.” Barracuda Sentinel also integrates directly into Microsoft Office 365 to further protect your organization from internal and external threats.

Targeted email attacks are extremely costly for organizations and are difficult to detect. Barracuda Sentinel’s unique AI capabilities learn business communication patterns based on historical email use to identify abnormalities in email messages and content. Doing so detects and blocks socially engineered cyber-attacks, spear phishing, employee impersonation, and web impersonation in real time and more accurately than the typical security gateways. The AI protection engine automatically isolates the risky email, alerts administrators and users, then gathers the information to continue to learn these patterns. Users can also report missed attacks allowing the AI to continually learn and improve its detection capabilities.

Barracuda Sentinel goes beyond defending corporate emails against compromise – it also protects against account-takeover. An account-takeover happens when a cybercriminal secretly studies their desired target and plans their attack accordingly. The traditional gateways lack the sophistication of Sentinel and cannot detect when internal attacks are launched from compromised accounts. The phishing attack that is “used to harvest credentials for account-takeover” is blocked by Sentinel. When fraudulent emails are sent from compromised internal email addresses, Sentinel detects this behavior, sends a notification, and removes all the emails.

Another social engineering attack that is commonly used is domain spoofing, which targets employees, customers, and business partners. Using DMARC (Domain-based Message Authentication Reporting and Conformance), Sentinel prevents email domain fraud and brand hijacking. When properly setup and enforced, DMARC is “an email authentication, policy, and reporting protocol” that ensures only the real owner of a domain can send emails from it, helping prevent phishing and spear phishing attacks. Barracuda Sentinel assists in implementing DMARC authentication, monitoring the data, and provides insight and reports of fraudulent usage of a domain.

While some of these email threats may or may not be currently detected by your email filter, it’s important to recognize the potential risk and the cost associated if left unprotected. Barracuda Sentinel uses sophisticated artificial intelligence, API-based architecture, and DMARC authentication to better protect your organization’s inboxes, educate and train high-risk employees, and prevent, detect, and remediate malicious emails.

The networking and security team at Business Information Group is here to discuss how Barracuda Sentinel can help keep your organization from becoming a victim of costly email attacks. Reach out today.