Email & Brand Impersonation Threat Hunting + Mitigation
Take a stance against cyber espionage, email leakage and man-in-the-mailbox (MITM) attacks, and protect your organization against data breaches and cyber espionage, which often lead to well-constructed impersonating spear-phishing attacks.
Phishing and other email-based attacks account for more than 90% of all breaches. Spear-phishing is a subset and highly effective form of phishing in which a hacker gathers confidential data on an intended target and includes those details in an email to make it seem more credible.
By taking advantage of human error tendencies and the Damerau-Levenshtein distance (the number of single-character insertions, deletions, substitutions or adjacent transpositions that separate two strings), cyber criminals are able to intercept corporate correspondence, R&D documents, trade secrets and other sensitive network architecture information that is useful for socially engineering highly credible spear-phishing attacks.
Unfortunately, it often takes months if not years for businesses to discover man-in-the-mailbox (MITM) schemes, enabling cyber criminals to amass large amounts of confidential data.
Challenges of Email leakage and Man-in-the-mailbox attacks
Fraudulent domains have a potent impact via email, as attackers could gather information such as trade secrets, corporate communication, and other employee information. As email is a high‐volume, primary communication mechanism for many corporations, a small percentage of those emails will be sent to the wrong destination because of a mistype by the email’s sender. This means that a simple mistype of the destination domain could send anything that is sent over email to an unintended destination. The attacker relies on this fact and collects emails from both internal and external users by intercepting them outside of the corporation's firewall. This attack vector is completely passive. A company with just 1000 employees sends out about 40.000 emails and receives 90.000 emails in just one day.
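The mistyped-destination leakage described above can be hunted for in outbound mail logs. The following is an added example, not part of the original page: it flags recipient domains within a small Damerau-Levenshtein distance (optimal string alignment variant) of an organization's own domain. The domain `acme-corp.example`, the sample recipients and the function names are constructed for illustration.

```python
from collections import Counter

def osa_distance(a: str, b: str) -> int:
    """Damerau-Levenshtein distance, optimal string alignment variant."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1,          # deletion
                         cur[j - 1] + 1,       # insertion
                         prev[j - 1] + cost)   # substitution
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # adjacent transposition
        prev2, prev = prev, cur
    return prev[-1]

def flag_lookalike_recipients(recipients, own_domains, max_distance=1):
    """Map each near-miss recipient domain to (nearest own domain, distance, count)."""
    counts = Counter(
        r.rsplit("@", 1)[-1].strip().lower().rstrip(".") for r in recipients
    )
    hits = {}
    for domain, n in counts.items():
        if domain in own_domains:
            continue  # correctly addressed mail
        dist, nearest = min((osa_distance(domain, own), own) for own in own_domains)
        if dist <= max_distance:
            hits[domain] = (nearest, dist, n)
    return hits

# Constructed sample data: one protected domain and outbound envelope recipients.
OWN_DOMAINS = {"acme-corp.example"}
SAMPLE_RECIPIENTS = [
    "alice@acme-corp.example",   # correct
    "bob@acme-crop.example",     # transposed letters
    "bob@ACME-CROP.example",     # same typo again, different case
    "carol@acmecorp.example",    # dropped hyphen
    "dave@acme-corpp.example",   # doubled letter
    "erin@supplier.example",     # unrelated partner domain
]

if __name__ == "__main__":
    for dom, (own, dist, n) in sorted(flag_lookalike_recipients(
            SAMPLE_RECIPIENTS, OWN_DOMAINS).items()):
        print(f"{n} message(s) to {dom}: distance {dist} from {own}")
```

Domains that show up here repeatedly are candidates for outbound blocking at the mail gateway and for registration or takedown review.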
Why are cyber criminals so successful with launching spear-phishing attacks?
By studying a company's email address structure and customers' online search behaviour, and by setting up promising brand-targeted schemes, cybercriminals are able to learn about what is going on inside a company and attain intelligence about internal procedures, customer relationships, ongoing projects, etc. They harvest confidential corporate email over long periods of time until sufficient data has been collected to successfully launch a detailed and socially engineered attack. If an attack is not the criminal's goal, the information attained can be leaked to the media or reported or sold to other interests.
Prevent Email leakage
Keep your corporate communication, business affairs and trade-secrets from landing in the wrong hands.
Detect brand impersonating domains
Discover attacks in the making proactively, before they result in financial loss or loss of confidential data.
Bolster corporate email communication
Regain control of domains which have been registered in order to harm your reputation and business.