CEO Fraud & Anti-Spoof Detection
CEO Fraud & Anti-Spoof Detection
Spambrella has the detection and protection required for organisations to protect themselves from the ever increasing threat of CEO fraud using anti-spoofing features. Spambrella will quarantine emails suspected of being an imposter threat and will allow your administrators to release those suspect emails. Alerts are sent to admins as per your preference in order to manage this process effectively.
How does a CEO Fraud scam work?
CEO fraud will typically start with an email being sent from a fraudster to a member of staff in a company’s finance department. The member of staff will be told by the fraudster who is purporting to be a company director or CEO that they need to quickly transfer money to a certain bank account for a specific reason. The member of staff will do as their boss has instructed, only to find that they have sent money to a fraudster’s bank account. The fraudster will normally redistribute this money into other mule accounts and then close down the bank account to make it untraceable.
Out of the £32 million reported to be lost by businesses to CEO fraud only £1 million has been able to be recovered by the victims (UK Statistics). This is due to businesses taking too long to discover that they have been the victim of fraud and the lost money already being moved by fraudsters into mule accounts.
Most businesses reported initially being contacted via emails with gmail.com and yahoo.com suffixes although this has of course broadened to include domains similar to those used by the organization for targeted attacks.
What is Email Spoofing?
Email spoofing is the creation of email messages with a forged sender address for the purpose of fooling the recipient into providing money or sensitive information. For example, a sender 401k_services@yourbusiness.com sends a message to your organization email address stating that you have X days to log into your account to take advantage of new stock investments. The message uses your company’s letterhead, looks as legitimate as the 401k notices you’ve received before, and has a login link.
What is it costing companies?
In August 2015, the FBI issued a public notice indicating that Business Email Compromise (BEC) is estimated to have cost companies over $1.2 billion between October 2013 and August 2015. Spoofing is one of many forms of BEC.
Spoofing attacks became very noticeable in mid-late 2015 and more prevalent in early 2016. The attacks are sophisticated and will not be detected by the majority of today’s email security providers. Business email compromise or CEO fraud is the fastest-growing threat in modern email exploitation.
How do you stop these Spoof attacks?
When using Spambrella these messages can be quarantined for further review and released if appropriate. Spambrella users can also create exceptions in order to allow the delivery of emails from approved senders, such as an externally delivered marketing communication.
Related
Related Case Studies
It doesn't require an arcane knowledge to set the Spam filtering up, the guides are straight to the point and support staff are very helpful. Functionality wise, in short: we do not get spammed. Thanks to Spambrella.
Archiving wise, the new solution is easy to use, searches well and fast and is by far the cheapest we could find at the time. Ten year retention rocks!
The service is great at filtering bad email as well as junk email out while allowing clean email though. I have used a few other options over the years and this is the best I have found. Clients sometimes have trouble configuring their settings to how they want it to be. Or tag emails as approved when they shouldn't and need IT interaction to resolve. Maybe just ease of use or having a more clear way for clients to resolve basics on their own.
Used the software for: 2+ years - 5/5 Overall
With an ever overloaded department, and with cybersecurity skills shortage getting worse securing the I.T infrastructure.
Offloading the task of e-mail filtering to Spambrella has dramatically helped in the department's performance. The only drawback in our case is that the service is hosted outside of our territory and thus out of the legal jurisdiction.
Easy to onboard my customers from another spam filtering system. Very fast and haven't had any downtime in the 9 months since I have moved to Spambrella. When I have had to use support, responses where quick. I had to move all my customers from another filtering system with little notice. After I moved my customers I realised how bad the old solution I used was. Contact with Sales and Support always been professional
Robust, versatile, and reliable...
The reliability of the service and the level of protection that it provides. My spam levels immediately dropped to near zero.
There are almost no false positives. And I'm easily able to customize the level of protection with whitelists, blacklists, and sensitivity settings. I'm also a big fan of the antivirus and URL scanning features.
I found spambrella to be easy to set up and has dramatically reduced the number of spam emails hitting our inboxes. It was easy to 'train' the software to release any genuine emails that were caught or add any spam that was not picked up.
Within a couple of weeks of use virtually no spam arrived to our mailboxes. Spam and phishing emails are a growing problem for everyone I'm sure. I now get a very low incidence of spam.
Latest blog posts
Email Should Be Your No. 1 Security Priority In today’s digitally connected world, email has become an indispensable tool for communication, both in personal and…
What are AI Phishing Attacks? A New Breed of Cyber Threats – Introduction: In an age where artificial intelligence (AI) has revolutionized various aspects of…
The Art of Ethical Phishing Simulation: Testing Your Employees’ Cybersecurity Awareness In the ever-evolving landscape of cybersecurity threats, organizations must stay one step ahead to…
In today’s digital landscape, our personnel remain key targets in contemporary cyber threats, whether it be due to insider risks, compromised accounts, targeted phishing endeavors,…
