Financial fraud email attacks are increasing year-on-year at 73 percent, with 44 percent of these representing sophisticated, targeted attacks such as wire, invoice, or vendor fraud, according to a new report from Armorblox.
The research has uncovered two vendor fraud attacks targeting approximately 4,000 inboxes each. In these the attackers used ‘Look-alike Domain’ attack techniques to bypass Microsoft Office 365 email security and impersonate trusted vendors with emails that looked like legitimate requests for payments.
Bad actors register look-alike domains aimed to impersonate companies to leverage the credibility of well-known brands. Intentionally misleading, domains — substituting uppercase Is for lowercase Ls for example — can provide victims with a false sense of trust in the belief that they are interacting with a legitimate brand.
“Attackers target vendors because it’s proven to be an effective and lucrative way to initiate supply chain attacks; one compromised vendor can lead to hundreds or thousands of victims at once,” says DJ Sampath, co-founder and CEO of Armorblox. “Effective mitigation requires an email security solution with custom models that understand the unique attack surface for each organization, rather than a one-size-fits-all approach from legacy solutions.”
To combat these threats Armorblox is launching Vendor and Supply Chain Attack Protection as an addition to the company’s cloud-delivered email security platform. This offers protection against vendor fraud attempts and supply chain attacks on the organization such as invoice fraud, look-alike domains, or hijacking payment-related email threads.
Users get immediate protection against compromised accounts with around-the-clock monitoring and risk analysis of over 50,000 vendors. This can help prevent loss of money, sensitive credentials, or confidential data over email with continuous risk assessment of vendors and third-party contacts, based on behavior models.
You can find out more on the Armorblox blog.