Posts

Email Security – Good, Better, and Best

When launched Cumulus Global 15 years ago to provide small and midsize businesses (SMBs) with email security and security solutions. As early adopters, we saw how cloud solutions made enterprise grade solutions affordable and effective for small businesses.  While much as changed over the past decade and a half, we still face email-based threats.

Email Attacks are Easy

According to Verizon’s 2021 Data Breach Report, email remains one of the most common vectors for attacks. And, phishing attacks are at the top of the list. Email phishing attacks remain prevalent because they are relatively easy. Cyber attackers are able to say one step ahead of our defenses, in large part to the rise in social engineering. With more of our personal information available through social media, attackers can use psychological tactics and personalized messaging to target specific individuals (spear phishing) and business leaders (whaling). In doing so, they garner sensitive information and gain access to systems and data.

Business Email Compromise

Business Email Compromise (BEC) attacks impersonate your email domains or emails for specific users. In most instances, BEC attacks look and feel like legitimate emails from your business. Combined with social engineering tactics and personalize information, they are hard to spot and often successful.  Attacks can be “internal” that target your employees, or “external” that use your business to defraud your customers and associates.

Email and Domain Impersonation

Preventing email and domain impersonation attacks bypass account level security, including multi-factor authentication. To prevent these attacks, recipients should only accept email that can be authenticated as coming from your domain.

Protection: Good, Better, Best

Currently, you have three levels of email domain security that can protect your business and your identity: Good, Better, and Best.

Good: SPF Sender Policy Framework

SPF verifies emails sent from valid IP addresses, either from your domain or authorized senders. While most small businesses have an SPF record configured, errors cause individual emails, or emails from marketing and CRM systems, to be flagged as spam by the recipient. Cyber attackers can spoof email addresses to give the appearance of a validated sender.

Better: DKIM DomainKeys Identified Mail

DKIM verifies that have been digitally signed by the sending domain, or by services sending email on behalf of the domain. Proper configuration is technical and involves cryptographic key management; errors can lead to fake messages with valid DKIM signatures. Cyber attackers can remove the DKIM signature using sophisticated relay attacks.

Best: DMARC Domain-based Message Authentication, Reporting,
and Conformance

DMARC authenticates email origin by aligning identifiers from SPF and DKIM, and instructs recipients to deliver, quarantine, or reject failed emails by policy. DKIM helps improve email deliverability. Is the best protection against email and domain impersonation attacks, whether they target your employees, vendors, or customers. Reporting enables you to see email sources and manage your policies.

Call to Action

While you set up SPF and DKIM with DNS record entries, DMARC is best implemented as a service. Doing so provides you access to settings, reports, and analysis tools. For most small and midsize businesses, the level of protection DMARC provides is worth the minimal cost.

You can learn more with our eBook: Email Security: Good, Better, Best.

To discuss your email security configuration, make an appointment with one of our Cloud Advisors, send us an email, or fill out our contact form.

Business Email Compromise: 10 Stats; 5 Solutions

Business Email Compromise (BEC) is a type of phishing-related fraud with far-reaching consequences. Not only can BEC attacks hurt your business, companies you work with can be damaged as well. BEC threats are hard to detect and mitigate, given the a byzantine structure of the attack.

Here are 10 statistics that demonstrate the increasing risk of BEC attacks, along with 5 solutions that reduce the chance of your business becoming a victim.

10 BEC Statistics

1Business email compromise rose by 14% overall in 2020 and up to 80% in some sectors
265% of organizations faced BEC attacks in 2020

3In 2020, BEC costs increased rapidly, from $54,000 in Q1 2020 to $80,183 in Q2.
4The energy and infrastructure sector topped the 2020 list with 93% of attacks
560% of the information on the dark web could potentially damage businesses

6In 2020, 80% of firms experienced an increase in cyberattacks

762% of BEC scams involve the cybercriminal asking for gift or money cards.
8The most common type of BEC scam is invoice or payment fraud
9Payment/invoice/billing scams skyrocketed by 155%, in 2020

10The average amount requested in wire transfer-based BEC attacks nearly doubled to $75,000 in the fourth quarter.

Protecting Against BEC Attacks

The most effective way to prevent business email compromise attacks is a strong, multifaceted defense against the primary delivery system: phishing email.  Here are 5 solutions that help you mitigate threats and the risk of successful cyber attacks.

1 Phishing Resistance Training

An absolute must-have for any organization in today’s tumultuous world is a strong cybersecurity culture. Too many employees are still clicking on dangerous messages. Strengthen your security culture and reduce your risk of suffering email-based cyberattacks by up to 70%.

2 Advanced Threat Protection

Go beyond attack profiles and blacklist lookups. Take advantage of next-gen protections that assess content and context, leverage machine learning, and analyze the behavior of links and attachments.

3 DNS / Web Protection

Secure your DNS traffic to help prevent cyber attacks that spoof or use your identity.  Block known, dangerous web sites. Block malicious web content and downloads, even from trusted sites that have been hacked.

4 Identity Access Management

Secure your user identities over time with a comprehensive approach. Include multi-factor authentication, password vaults, and single-sign on for your best protection.

5 Dark Web Monitoring

Your team probably uses their work email address (identity) to log into third party services. Breaches in these services put your business at risk. Monitor you domain for potential breaches so you can take action before you become a victim.

To learn more about these Business Email Compromise, other cyber threats, and solutions to fit your needs and budget, contact us and schedule a complimentary Cloud Advisor Session.