Business & Technology

Provide Customers with Advanced Threat Defense Against Email-Based Attacks

By David Finger | April 26, 2018

Many people think of cybercriminals as technical masterminds using advanced coding skills to hack into the backend of faceless devices or datacenters – devices that those with careers outside of IT have little to no interaction with on a daily basis. However, this is not always the case. Instead, many cybercriminals actually tend to target people using techniques such as phishing or social engineering, counting on human error or a lack of cybersecurity knowhow to provide an entryway into corporate networks

Many of your customers might be surprised to learn that the most common attack vector exploited by cybercriminals is actually email. A Verizon Data Breach Investigations report uncovered that two-thirds of installed malware delivered by email.

Without strong email security controls in place, your customers’ organizations are highly susceptible to cyberattacks that can result in compromised, held for ransom or breached data.

Common Email-Based Attacks

Cybercriminals use email to trick users into providing login credentials or initiating fraudulent transactions, as well as to unknowingly install malware, ransomware, and other malicious payloads.

These are some of the top email-based cyberattacks that your customers need be aware of:

Phishing and Spearphishing

Phishing attacks are emails that come from seemingly trustworthy, authoritative sources. They trick recipients into visiting a malicious website, opening an infected file, enabling dangerous macros, sending personal information, or logging into to a private or corporate account. However, a closer look often reveals that there is a discrepancy between the email address or website presented and the actual legitimate site it is pretending to link to. Spearphishing attacks take the same general approach but are more targeted. These cybercriminals have done extensive research on a targeted individual or organization, so that the infected email appear to have come from a specific friend, department, or even manager.

The goal of these emails is often to disseminate malware and ransomware. A strain of the infamous Locky malware, for example, poses as an email from a known shipping company and lures recipients into loading ransomware onto their devices. This email-based variant, discovered by FortiGuard Labs and detailed in our most recent Threat Landscape Report, is an example of how phishing continues to become more malicious and more prevalent. In fact, around 10 percent of firms reported encountering Locky ransomware, and this latest iteration is just another way to distribute this malicious payload.

Man in the Middle Attacks

During man in the middle attacks, criminals, usually through malware delivered via email, are able to access the victim’s web browser, application, or email service. This gives them the ability to monitor and alter incoming and outgoing communications. This can be especially harmful if your customers and their employees are sending sensitive information in plain text.

Zero-Day Vulnerabilities

Zero-day vulnerabilities are new (or recently discovered) errors in software that allow unauthorized code or people (like cybercriminals) to control systems. Attackers often send emails containing links or attachments that exploit these coding errors to infect machines with malware, and thereby compromise data privacy. Due to the unknown (or recently discovered) nature of the vulnerabilities, these threats are hard to detect, giving criminals more time to explore the customer network they have infiltrated.

These threats are more common than users might expect, with 19 zero days discovered so far in 2018 just by FortiGuard Labs.

Mitigating Email-Based Attacks

Because email is so ubiquitous and poses such a serious cyber threat to your customers, it is important that organizations have strong security controls in place to detect and prevent these attacks. With evolving, and often sophisticated, attacks regularly seeking entry via email, your customers must ensure that these controls are updated frequently to effectively defend against this evolving threat landscape.

Furthermore, when assessing their current email security, your customers should look not look at the amount of spam and email-borne threats blocked in the dashboard, but rather the number of incidents their organization has to resolve that started with an email.

Securing Your Customers with FortiMail

FortiMail secure email gateway protects your customers from both standard email attacks, as well as the growing number of advanced threats being launched by today’s more sophisticated cybercriminals. FortiMail participates in regular independent testing to ensure that it maintains the highest level of effectiveness against high volume traditional attacks, as well as detecting and thwarting new, sophisticated emerging threats. Further, it routinely adds in new technologies and services from FortiGuard Labs to accurately detect unknown and emerging threats.  Along with traditional antimalware and antispam capabilities, it is also equipped with integrated sandboxing technology plus new outbreak and content disarm protections designed for sophisticated threats.

As importantly, FortiMail’s use of the sandbox creates new threat intelligence about multi-stage attacks starting with email that can be automatically shared with an organization’s other security controls to block similar threats occurring in other parts of the distributed network.

Finally, FortiMail is easily deployed as an immediate supplement to legacy systems for immediate security, until a replacement can be planned as appropriate.

Final Thoughts

Due to the ubiquity of email, it continues to be a common attack vector for cybercriminals seeking to gain login credentials, money, and sensitive data. As a result, your customers require an advanced and constantly updated advanced threat defense that can keep pace with the frequency and sophistication of email attacks, today and tomorrow. With capabilities to detect and prevent both traditional and modern threats, FortiMail secure email gateway provides just such protection. 

Read more about Fortinet’s solutions for effective email security or also how Fortinet’s FortiClient offers a powerful and cost-effective solution for safeguarding endpoint devices.

Check out our latest Quarterly Threat Landscape Report for more details about recent threats. Sign up for our weekly FortiGuard intel briefs or for our FortiGuard Threat Intelligence Service.

 

IoT expands the threat landscape and network attack surface—presenting four fundamental security risks. Learn more about three strategic approaches and the functionality that Fortinet Security Fabric provides to address the challenges of IoT.

 

Join the Discussion