Barracuda Networks Inc. has rolled out a new cloud-based solution designed to provide comprehensive protection against business email compromise (BEC) scams and other forms of spear phishing.
Such attacks, in which criminals impersonating legitimate email senders fool individually targeted victims into transferring money, disclosing social security numbers, or otherwise exposing sensitive information, are becoming increasingly prevalent. Indeed, the Federal Bureau of Investigation recorded over 40,200 specific cases of BEC fraud between October 2013 and December 2016. Businesses impacted by those incidents suffered over $5.3 billion in losses.
“This problem is rampant,” observes Asaf Cidon, Barracuda’s vice president of content security services, adding that while big businesses with deep pockets used to be the most common recipients of fraudulent messages, hackers have SMBs squarely in their sights these days too.
“Now really everyone’s a target,” he says.
Called Sentinel and available immediately, Campbell, Calif.-based Barracuda’s new system employs three components to shield businesses from spear phishing assaults. The first is a real-time detection and prevention engine that automatically quarantines dangerous or suspicious messages. The system uses artificial intelligence technology to spot departures from normal communication patterns within an organization, such as a senior executive using a personal email account or varying dramatically from their typical writing style.
The second of the new product’s three defensive layers uses the Domain-based Message Authentication Reporting & Conformance, or DMARC, protocol to block domain spoofing, a technique in which attackers send phony messages from what look like genuine corporate domains. A highly effective countermeasure against domain fraud, DMARC can be difficult for organizations without specialized skills and extensive IT resources to deploy.
“A lot of customers, especially SMBs, have struggled quite a bit with implementing DMARC on their own,” Cidon says. Sentinel, he continues, automates the implementation process, as well as the in-depth analysis that businesses must perform to glean insights from DMARC-related data.
Sentinel’s third anti-spear phishing tool is a built-in end user awareness system that conducts simulated attacks on employees and directs anyone who flunks to online training materials. The solution concentrates its efforts on high-risk employees, including people who have been targeted by fraudsters at above average rates in the past and personnel in a company’s finance and HR departments.
According to Cidon, Barracuda Sentinel is a necessary supplement to traditional email security solutions, which look for attachments, links, and mass assaults against many users at once when deciding which messages pose a risk.
“These attacks are much smaller volume and personalized,” he notes.
At present, Barracuda Sentinel supports Microsoft Office 365 email accounts exclusively. Cidon says Barracuda has definite plans in place to protect other environments as well, but would not specify when that additional functionality will reach market. Barracuda’s website indicates that Google Gmail and Slack are two of the platforms the system will someday support.
Also coming at an unspecified point in the future is protection from fraudulent messages on social media sites and in chat applications. According to Cidon, Sentinel has been architected to simplify connecting with such services by tapping into the APIs they typically expose.