Social Engineering Protection from BAE Systems protects end users from email attacks such as business email compromise, whaling and CEO fraud.
Companies no longer have to rely solely on training end users to detect potentially malicious social engineering attacks.
The New Old Threat – Social Engineering
Most cyber attacks and frauds rely on deceiving an insider into helping them. This often involves an attacker tricking a user into clicking on a link in a phishing email or opening a malicious attachment. Defences such as sandboxing and URL checking have evolved to detect and prevent these kinds of attack from being successful. While these methods of attack are still used, attackers are increasingly moving towards using social engineering techniques to exploit human vulnerabilities.
Emails are sent that appear to be genuine, they use the right names, the correct logos and appear to use the right email addresses. They typically convey a sense of urgency, encouraging the recipient to react without stopping to consider and investigate whether it is genuine.
Companies typically rely on end user training that encourages users to consider whether an email is trying to trick them. To overcome the weaknesses of relying solely on end users to examine every email and detect social engineering attacks, BAE Systems uses continuous machine learning and behavioural analytics to detect and score potential social engineering attacks.
- Augments traditional email security solutions such as antivirus, antispam, sandbox technologies and URL rewriting to detect and prevent potentially dangerous social engineering emails containing no malware or malicious links;
- Continuously learns the communications patterns within your organisation to help improve detection;
- Analyses a wide variety of email parameters to determine factors such as inconsistent sending history, display name abuse and spoofed emails names;
- Determines a trust score for each inbound email which is used to create an in-email ‘traffic light’ banner alerting administrators and the recipient if the email is potentially suspicious and should be treated with caution.