Business Email Compromise is often touted as a dangerous form of phish. And it certainly is! After all, nobody likes to hear their VIPs got spoofed for get-rich-quick schemes. And we're seeing large increases both in velocity, amount of emails, and monetary damage.
But here's the thing: many solutions are crafting their main selling point around BEC. Should they? Talk about myopic! There are virtually countless other forms of phish, spanning from credential harvesting to brand impersonation and extortion, etc. And these come in sheer volume. Credential harvesting, according to our data, makes up 54% of all phishing
A quality anti-phishing program will stop BEC, as Avanan does better than anyone. Avanan stops BEC by:
- Machine learning algorithms combine with role-based, contextual analysis of previous conversations to identify threats that Google, Microsoft and external mail gateways miss,
- Deployment-day analysis of one-year's email conversations to build trusted reputation network,
- Scanning and quarantine of internal email and files in real-time, protecting against east-west attacks and insider threats,
- AI and machine learning techniques to rapidly adapt to new threats and behaviors,
- Account takeover protection beyond email: login events, configuration changes and end user activities throughout the suite.
If your solution is playing up protection for one kind of phish, like Business Email Compromise, perhaps that's all they're good at. Wouldn't you rather have a solution that covers the entire gamut -- one that has 300+ artificial intelligence indicators to do so? Lots of folks will appropriate the term AI to serve their niche, in an attempt to wow you.
Avanan stops all forms of phish. How do we do it? We analyze the entire incoming email, busting open the SMTP envelope and rigorously scouring common headers like sender, recipient, subject lines, email links in the body, suggestive wording, HTMl formatting, text encoding and more. Since SmartPhish is constantly comparing email activity against contemporary threats on the web, we can outright stop 99.9% of incoming phish. Not just 99.9% of BECs, or just 99.9% of Credential Harvesters, 99.9% of everything.
Because SmartPhish is inline, we can stop attacks before they reach your inbox. SmartPhish also develops deep learning of your mail environment, taking inventory of who your usual business partners and colleagues are. We use UEBA (User and Entity Behaviour Analytics) to suss out unusual activity, like email logins from far-flung lands, auto-forwarding mail to strange email addresses, and taking inventory of SaaS apps your employees are using against your knowledge.
Phishing isn't niche. It's everywhere and comes in all forms. Your organization deserves a solution that can block all of these before they reach the inbox.