FIGHTING THE NEXT GENERATION OF TARGETED BEC ATTACKS

Adenike Cosgrove, EMEA Cybersecurity Strategy
May 2017

© 2017 Proofpoint, Inc.

The Email Security Problem

Cyberattacks Target the Human Factor

• 2/3 of all BEC attacks spoofed their target’s sending domain in the 2H of 2016 (Proofpoint)
• 90%+ of sophisticated attacks target people, largely via email (Verizon)
• BEC attacks jumped 45% between Q3 and Q4 of 2016 (Proofpoint)
• 30% of users open phishing messages and 12% click on links & attachments (Verizon)

What is Business Email Compromise (BEC)?

Highly-targeted, low volume attacks

Impersonate corporate identities

[Slide graphic: sample message between "Employee Name <[email protected]>" and "CEO Name <[email protected]>"]

Aim to:
• Solicit fraudulent wire transfers
• Steal company data
• Steal credentials and other confidential information

BEC Techniques at a Glance

56% REPLY-TO SPOOFING
• header From: “Bob Bossman” [email protected]
• header To: [email protected]
• header Reply To: [email protected]

43% DISPLAY NAME SPOOFING
• header From: “Bob Bossman” [email protected]
• header To: [email protected]

0.9% LOOKALIKE DOMAIN
• header From: “Bob Bossman” [email protected]
• header To: [email protected]

<0.1% BUSINESS PARTNER SPOOFING
• header From: “Partner Bossman” [email protected]
• header To: [email protected]
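One way to turn the header patterns on this slide into a detection check, as an added example that is not part of the original slides or any vendor's product logic. It covers three of the four techniques (business partner spoofing would need a partner list); the domain `example.com`, the protected-name set, the 0.85 similarity threshold and the sample messages are all assumptions constructed for illustration.

```python
import difflib
from email import message_from_string
from email.utils import parseaddr

# Assumed for this example (not from the slides): protected domain and names.
CORP_DOMAIN = "example.com"
PROTECTED_NAMES = {"bob bossman"}

def domain_of(addr):
    return addr.rpartition("@")[2].lower()

def is_lookalike(domain, corp=CORP_DOMAIN, threshold=0.85):
    """True for a near-miss of the corporate domain, never for the domain itself."""
    if not domain or domain == corp:
        return False
    return difflib.SequenceMatcher(None, domain, corp).ratio() >= threshold

def classify(raw):
    """Return the set of header-based BEC techniques a raw message exhibits."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom = domain_of(from_addr)
    findings = set()
    # Replies would leave the domain the message claims to come from.
    if reply_addr and domain_of(reply_addr) != from_dom:
        findings.add("reply-to spoofing")
    if is_lookalike(from_dom):
        findings.add("lookalike domain")
    # A protected display name on an address outside the corporate domain.
    elif name.strip().lower() in PROTECTED_NAMES and from_dom != CORP_DOMAIN:
        findings.add("display name spoofing")
    return findings

# Constructed sample messages (illustrative, not taken from the slides).
SAMPLES = {
    "reply_to": 'From: "Bob Bossman" <bob.bossman@example.com>\n'
                "To: employee@example.com\n"
                "Reply-To: bob.bossman@freemail.test\n\nAre you at your desk?",
    "display": 'From: "Bob Bossman" <ceo.office@freemail.test>\n'
               "To: employee@example.com\n\nPlease call me back.",
    "lookalike": 'From: "Bob Bossman" <bob.bossman@examp1e.com>\n'
                 "To: employee@example.com\n\nInvoice attached.",
    "clean": 'From: "Bob Bossman" <bob.bossman@example.com>\n'
             "To: employee@example.com\n\nSee you Monday.",
}

if __name__ == "__main__":
    print({k: sorted(classify(v)) for k, v in SAMPLES.items()})
```

Legitimate mailing lists and ticketing systems also set a Reply-To on another domain, so that finding works better as one scored signal than as a standalone block rule.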

Cyber Criminals Use a Variety of Subject Lines

How To Fight Back

Optimize Existing Infrastructure

“Upgrade to the latest version of your SEG, and request a policy audit from the SEG vendor to ensure that the most effective security controls are enabled and correctly tuned.

Implement mail transfer agent (MTA) rules to detect spoofing of internal addresses, and add a notification banner to email from external senders to make the source of messages clearer to users.”

Source: Fighting Phishing: Optimize Your Defense

Peter Firstbrook, Research VP
Andrew Walls, Managing VP
Neil Wynne, Sr Research Analyst

Eliminate BEC Risk Exposure

Get visibility into all email attacks

Implement core email control and content analysis

Create your email authentication policy

Prevent data loss

Respond rapidly

Get Visibility into All Email Attacks

ACTION: Get visibility into BEC, credential phishing, and advanced malware attacks

BENEFIT: Understand the ‘who, what, why, how’

Implement Core Email Control and Content Analysis

ACTION: Granular classification and customized policies to block email threats

BENEFIT: Remove the guesswork from your users

Create Your Email Authentication Policy

ACTION: Authenticate your email channel

BENEFIT: Block all malicious use of your corporate identities

Prevent Data Loss

ACTION: Analyze outbound email to see what sensitive information is leaving your network

BENEFIT: Prevent data loss and sensitive information from reaching malicious sources

Respond Rapidly

ACTION: Remove malicious emails from inbox

BENEFIT: Save time and effort through automated response

Protection Requires Multi-Layered Approach

Learn More: proofpoint.com/email
