IronTree and Sendmarc educate businesses on email impersonation

Typosquatting and other Business Email Compromise risks revealed

Email is the first and favourite means of attack for cybercriminals. Each year they generate $26 billion from spoofing and phishing attacks, a large portion of the cybercrime industry. This is because 80% of organisations are still vulnerable to these sorts of attacks, and many fall for innocent-looking messages. Business email compromise (BEC) is an everyday reality, and South Africa now has the third-highest number of cybercrime victims in the world, costing about R2.2-billion annually.

Two industry leaders in cybersecurity announced a partnership in July to tackle email crime and are starting out with an essential education list of terms and tactics to watch out for. Sacha Matulovich, co-founder and Chief Strategy Officer at Sendmarc, explains: “Criminals get away with email crime due to the trusting nature of victims and savvy social engineering that creates the assumption that the emails they are receiving are authentic. This is because of a lack of awareness regarding phishing and spoofing scams. We intend to change that through education and protecting company domains.”

The company outlines four email impersonation attacks:

  1. Typosquatting: More often than not, when an email is received, users do a short scan to see who it is from. If the name of the sender and/or the company domain name are recognised, it is often assumed they are legitimate and taken at face value, but sometimes just one letter may be different and can easily be missed. This is a form of phishing.
  2. Display Name Spoofing: Forging an email is relatively quick and doesn’t require any coding skills. However, fake emails that hijack the names of employees and also mimic the formatting and unique language characteristics of the sender or company require more skill. Unfortunately, there are many websites that advertise how to forge a sender display name, and it takes just a few steps for anyone to create and send a fake email and take on the identity of the real person.
  3. Whaling: This type of attack specifically targets people of high interest in an organisation, such as a CEO or CFO, to impersonate. This makes the trick more likely to work, and it has been seen to work in the case of the University of Mpumalanga.
  4. Phishing: A type of social engineering attack in which an attacker poses as a legitimate source of questions or requests to steal sensitive information.

Sendmarc employs DMARC protection, a technology protocol that verifies the source of an email and makes sure that only real emails ever reach an inbox, meaning that organisations are able to verify whether the emails they receive are legitimate and unaltered.

Initially, businesses were slow to adopt DMARC protection. Some were not aware of the problem, while others thought they were already adequately covered by their existing cybersecurity measures. Sadly, as businesses continue to be spoofed, companies have realised they need deep expertise and protection. DMARC policies went up 84% last year.

South African businesses, big and small, have experienced huge losses of up to R100 000 000, and some have come dangerously close. The University of Mpumalanga nearly lost R100 000 000 to fraudsters; had FNB not flagged a suspicious payment, it would have been too late by the time the fraud was noticed. A small travel agency had its domain impersonated, which resulted in a school paying sporting tour funds to the wrong account. Consequently, the school's U16A hockey team never went on tour.

Partnering with Sendmarc “allows us to offer a comprehensive cybersecurity package with a greater emphasis on keeping organisations safe all the time,” says Steve Porter, Managing Director of IronTree. “We are constantly striving to make sure we offer the best cyber security package on the market.”

“It seems only logical to protect against this sort of human error,” says Porter, “adding DMARC protection through Sendmarc will protect your company from these kinds of attacks,” he concludes.

www.irontree.co.za

 
