Fortinet : The Why and How of Advanced Email Security

3: Sophisticated Social Engineering

Without question, many attacks across categories include a fair bit of social engineering to entice the user to click a link or open an attachment. In fact, the use of Microsoft Office file types to house embedded code, as described above, is part of social engineering. That said, cybercriminals have taken social engineering to a new level, successfully defrauding organizations of an estimated $675m in 2017 according to the FBI-often without the use of malicious code or websites. Instead, they impersonate a trusted figure-an executive, business partner, or the like-and establish trust through communications over time. Ultimately, they end up asking the individual to wire money or take other actions that can be monetized.

In these cases, there is typically no file or embedded code to sandbox and no URL to rate or proxy. Accordingly, newer approaches to detect impersonation attempts are emerging. They include various methods to authenticate the sender, look for inconsistencies in the message, such as a display name not matching the actual sender address, assess the age and nature of the sending domain, and more. FortiMail 6.0 includes many of these techniques, including a new impersonational analysis category of protection which will continue to expand over time.

The Time is Now

With the digital transformation of most organizations in full swing, there is no shortage of business-critical projects. That said, if organizations continue to rely on their traditional security technologies (or relinquish them to cloud email providers), we will continue to see large numbers of installed malware, defrauded customers, and stolen data continue. The silver lining here is that the same troubling numbers to which we refer are already quantified and published, helping you make a business case for improved email security very possible. Look for that discussion next month!