According to a new report released by Barracuda Networks based on a poll of more than 3,000 business email compromise attacks, the CEO was impersonated in almost half of all cases (42.95 per cent).
Neil Larkins, CTO & Co-founder at Egress Software Technologies:
“Phishing attacks like this easily fool people by using a slightly modified domain name and pretending to be their organisation’s CEO (Bob.Smith@company.com vs Bob.Smith@conpany.com).
Luckily, the application of machine learning and big data analysis in cybersecurity has now made it possible to mitigate this risk. By analysing people’s email behaviour, smart technology can now recognise patterns and highlight anomalies. In cases where a phishing email requires an individual to respond, they can be alerted to the fact they haven’t emailed this recipient before or that the recipient’s domain is not trusted – immediately raising red flags for the user in scenarios where cybercriminals are leveraging established relationships.
At a time when data breaches are becoming much more prevalent and organisations are struggling to mitigate the risks caused by unpredictable user behaviour, it couldn’t be a more crucial time to implement this type of technology.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.