RSS feed Get our RSS feed

News by Topic

BizReport : Internet : February 22, 2018

How to protect from phishers using cloud docs

There is a new threat for businesses in the digital space: phishers have begun pushing into cloud-based and document sharing services, using these collaborative platforms to attack businesses. Many are disguising themselves as trusted brands including Google Docs and even Outlook. Here's how to protect your business.

by Kristina Knight

Kristina: What is driving this new phishing attack?

Asaf Cidon, VP of Email Security, Cyber criminals are attempting to steal login credentials in order to commit fraud or to launch targeted spear phishing campaigns within an organization to steal the crown jewels - typically a wire transfer (according to the FBI 2017 BEC report, the average fraudulent wire transfer is about $125,000), PII (e.g. social security numbers) or additional credentials.

Kristina: What are the dangers in this type of attack?

Asaf: Based on what we're seeing in our customer base, these attacks represent the biggest email security threat of 2018. In order of magnitude, they're five to ten times more common than phishing emails that impersonate employees. These threats are able to bypass traditional email security systems because:
• The links themselves are not the links that were used before in a phishing attack, so they will not appear on blacklists.
• Some links even lead to a legitimate small business website, where the attacker will put in a fake sign-in page within that website.
• The emails are often personalized, such as including the recipient's name.
These threats place a huge burden on IT staff. When the attackers succeed in stealing an employee's login credentials, they proceed to send out hundreds of additional emails from those accounts, which means that IT has to delete all of those emails and reset all the passwords.

Kristina: How can businesses protect themselves/their employees from this type of attack?

Asaf: You don't hear much about this threat in the security industry because most companies have not figured out how to address it. Microsoft can't stop emails that impersonate Microsoft, and Google can't stop emails that impersonate Google. Additionally, link protection solutions such as "safe links" do not work for these attacks.

Barracuda Sentinel, by leveraging artificial intelligence, can be taught to automatically detect and quarantine these emails in real-time. We trained the system to understand a typical email from Microsoft or Dropbox, which we expect to come from specific email addresses or an affiliated domain, and to contain links that to go to specific websites affiliated with the company. So an email that comes from a phony address and links to an obscure website will raise a red flag.

In general, organizations should incorporate a holistic risk prevention strategy with the latest email security technologies and regular security training in order to effectively protect against email threats such as these and many others.

Tags: Barracuda, business safety tips, cloud document trends, phishing attacks, phishing trends

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.