For the most part, the perimeters of aware organisations are reasonably tight. Firewalls are in place, servers are patched, and physical security is in place. However, email is a gaping hole in your network defences.
Email is the gateway for virtually all the bad things that keep you up at night
Cybercriminals are using email to target the weakest link in an organisation’s cyber-security chain: humans
If you think that your organisation is safe from email-borne attacks because you’ve enabled Office 365 email security add-ons like Exchange Online Protection (EOP) or Advanced Threat Protection (ATP), you need to think again. While these security tools are effective at blocking massive spam waves and known threats, they will not reliably stop highly targeted phishing, spear phishing or zero-day (or brand new) attacks.
93 percent of all network breaches include a phishing or spear-phishing attack
Phishing is a hacking technique that ‘fishes’ for victims by sending them deceptive emails. Virtually every internet user has seen a phishing attack. Phishing attacks are mass emails that request confidential information or credentials under false pretences, link
to malicious web sites or include malware as an attachment.
Spear phishing is targeted phishing aimed at specific employees. The goal is usually to gain unauthorized access to networks, data, and applications. Spear phishing is methodical and focused on a single recipient. Often the initial email will contain no URL or attachment. Rather, it will simply try to provoke a response and develop a conversation to lull the recipient into thinking the sender is legitimate. Only later will the hackers request confidential credentials or information, or send a booby-trapped URL or attachment.
According to one 2018 report, 76% of organisations experienced phishing attacks in 2017.
97% of these organisations already had an email/spam filter in place.
The problem is two-fold:
1. Technology: Most email security systems are just glorified spam filters. They were designed to stop known mass email attacks. The underlying architecture of these solutions isn’t suitable to catch just-launched threats or one-off spear phishing emails.
2. People: Lots of employees will click on or respond to a well-crafted phishing or spear phishing email if it lands in their inbox. Despite our best efforts at education, 20 – 30% of recipients open standard phishing messages and 12 – 20% click on any enclosed phishing links.
BUSINESS IMPACTS OF SPEAR PHISHING
The impact can vary but generally increases with the sophistication of the attacker and the size of the target. On average, a successful phishing attack costs a mid-sized business $1.6 million.
Consider the financial repercussions of a hacker gaining access to your critical data. What can they do with it?
GOING BEYOND SIGNATURE-BASED PROTECTION
Our Artificial Intelligence-based predictive email defence solution is supplemented by an extensive chain of additional protections, such as traditional signature-based spam filters, an extensive blacklist, and two complementary virus scanners.
SET UP IS SIMPLE
We can get the solution up and running with just a few clicks. Spam, initial filtering, phishing, and malware detection are all immediately 100 percent effective upon deployment.
GET IN TOUCH
If you’re concerned that your email isn’t as protected as you might like, give us a call on 4915 7487 so we can book a time to meet with you.