A new report from the FBI’s Internet Crime Complaint Center (IC3) has revealed the extent to which phishing is used to attack businesses and the huge losses that have resulted from another form for email attack – business email compromise (BEC) scams.

In 2019, IC3 received 467,361 complaints about cybercrime and there were reported losses in excess of $3.5 billion, up from $2.7 billion in 2018. The true losses and number of attacks will be far higher, as not all crimes and losses are reported. Phishing, vishing, smishing, and pharming attacks were the most prevalent crime types with 114,702 complaints submitted to IC3 in 2019. Those attacks resulted in losses of more than $57 million.

Source: IC3

There were 23,775 complaints about BEC attacks and losses to those attacks were more than $1.776 billion. On average, BEC attacks result in losses of around $75,000 and the attacks accounted for 50.75% of all losses to cybercrime in 2019.

Business email compromise attacks involve the impersonation of a known individual or company and a fake invoice and fraudulent wire transfer request. Alternatively, changes to vendor’s bank account details or requested or changes to direct deposit accounts for payroll. These email impersonation attacks involve spoofing an email account or compromising an account, with the latter usually achieved with phishing emails.

Email is also used to deliver ransomware – 2,0417 incidents and $8,965,847 in losses – and malware and viruses – 2,373 incidents and $2,009,119 in losses.

The Importance of a Layered Approach to Email Security

As the IC3 2019 cost of cybercrime report shows, the most common attack vector is email, so how can business owners protect against email-based attacks?

Businesses can either purchase cybersecurity solutions directly or engage a managed service provider to look after cybersecurity. If the decision is taken to manage cybersecurity in-house, it is essential to adopt a defense in depth strategy and implement multiple layers of protection. Should one cybersecurity solution fail to block a threat, other layers will prevent the attack from succeeding.

Many businesses have adopted Office 365 and use it for email. Microsoft includes a basic level of email protection for Office 365 as standard – Exchange Online Protection (EOP). EOP serves as the first layer of protection against phishing attacks, malware, and spam, but EOP alone is not enough to block sophisticated phishing attacks, BEC attacks, and zero-day malware threats. An additional layer of protection is required.

Advanced Protection Against Phishing and Business Email Compromise Attacks

TitanHQ has developed an advanced anti-spam solution – SpamTitan – that provides an additional layer of protection against email threats.

To protect against known malware threats, dual anti-virus engines are used. However, new malware variants are constantly being released. Before AV engines can block these new threats, the threat must be identified and the malware signature is then added to the AV engine’s virus definitions. Until that happens, threats will not be identified as malicious and will be delivered to inboxes.

To improve protection against zero-day threats, TitanHQ uses sandboxing. When a suspicious or unknown email attachment is received, it is sent to the sandbox where it is subjected to in-depth analysis to identify command and control center callbacks and potentially malicious actions.

Office 365 accounts are targeted by cybercriminals and their new phishing campaigns are tested against Office 365 protections to make sure the emails are delivered. One previous study showed 25% of phishing emails are delivered to Office 365 inboxes.

To ensure phishing threats are detected that would otherwise not be blocked by EOP, SpamTitan uses a range of advanced detection techniques. They include multiple real-time blackhole lists and threat intelligence feeds, multi-layered message analysis, SURBL’s, Bayesian analysis, greylisting, and more. Protection against email impersonation attacks and spoofing is provided through Sender Policy Framework and DMARC, and all outbound emails are scanned to identify potential email account compromises.

SpamTitan is a full-service email security solution that protects your business, your employees, and your clients from email-based attacks. With SpamTitan, you can adopt a layered approach to email security at a very low cost per user.

If you want to make sure that your business is protected from costly email-based attacks, give the TitanHQ team a call.