10 Things You Need In An Email Security Service
From detecting snowshoe spam and compromised cloud accounts to providing simulated phishing attacks, sentiment analysis and oversight of east-west traffic, here are 10 things companies should look for in an email security service.
Ability To Detect Compromised Cloud Accounts
The majority of cybercrime losses are now attributable to business email compromise (BEC), where an adversary is spoofing a user’s display name or email address or sending messages from the account of a trusted third party, said Ryan Kalember, Proofpoint’s executive vice president of cybersecurity strategy. Companies must understand where risk lives in their business such as in accounts payable or finance.
The adoption of Office 365 has led to overlap between email threats and cloud threats, meaning that companies must be able to identify compromised accounts, malicious third-party apps or data leakage, Kalember said. Web applications and browser extensions have taken to impersonating something that a user is likely to trust such as SharePoint, and then ask the unassuming user to open a third-party file.
In this scenario, Kalember said the attacker is trying to direct the user to a login portal that feels like the normal process but really leads to the adversary getting a token that represents the user’s credentials. To stop cloud account takeover, Kalember said businesses must be able to identify if an account has been compromised whether that’s directly through a credential or indirectly through some sort of token.