Mon, July 16, 2018

Protect your Business from Spear-Phishing with AI

Phishing, Spear-Phishing, Cyber Security

Cyber threats are alive and well in today’s business technology landscape. Unfortunately, users often fail to recognize these threats until it is too late. This can quickly escalate from not only production downtime, but also financial destruction if the proper procedures are not in place. In fact, a report from Cybersecurity Ventures predicts that damages connected to ransomware attacks will cost $11.5 billion annually by 2019, more than double the $5 billion in ransomware damages estimated for 2017. With the majority of these cyber attacks originating from email (i.e. phishing and spear-phishing), it is easy to see why email security should be a top priority for businesses.

What is the difference between phishing and spear-phishing?

Phishing refers to the attempt in gaining sensitive information – such as credit card numbers, usernames, passwords – in a deceitful manner. Typically, these are in the form on an email, in which the “phisher” is disguising themselves as a trustworthy source. In addition, there is usually an attachment or a link that contains malicious content when clicked or opened.

Spear-phishing is essentially this same concept, but a more targeted approach. Instead of sending to a large group, a spear-phishing campaign narrows down to a select few within an organization. For instance, an email may be sent to the CFO posing to be the CEO to gain unauthorized access to financial information or other data. Spear-phishing emails are highly personalized, and can be very difficult to detect.

Artificial Intelligence preventing spear-phishing

Security can easily become a black hole. Your organization may have all of the security products available, but still be susceptible to cyber threats. Barracuda now has a product called Sentinel that utilizes Artificial Intelligence (AI) to detect and prevent cyber fraud and spear-phishing.

Barracuda Sentinel combines three powerful layers in this comprehensive cloud-based solution. This includes artificial intelligence, domain fraud visibility, and simulated fraud training. Barracuda Sentinel is the leading AI solution that guards against spear-phishing, impersonation attempts, business email compromise (BEC) and cyber fraud.

The Sentinel AI engine learns each user’s unique communications patterns. The engine analyzes multiple classifiers to map the social networks of every individual inside the company and identifies anomalous signals in message metadata and content. Barracuda Sentinel combines this messaging intelligence to determine with a high degree of accuracy whether a certain email is part of a spear phishing attack. If so, Barracuda Sentinel quarantines the attacks in real time, and alerts both the user and the administrator. This solution also provides domain fraud visibility and protection using DMARC authentication to prevent domain spoofing and brand hijacking. This helps to ensure deliverability of legitimate email traffic and prevent unauthorized activity such as spoofed emails.

In addition, AI is also used to identify high-risk individuals within an organization. Within each license, administrators can periodically conduct simulated spear phishing attacks to test the security awareness of those individuals. User education is one of the most important, yet most commonly overlooked, aspects of cyber security.

It integrates directly with Microsoft Office 365 to protect people, businesses, and brands from these personalized attacks in real time, with zero impact on network performance.

Read more about preventative measures to protect your organization from cyber threats, download our e-book!