If you work in a business, the chances are you will be targeted today by an email fraudster. Despite the rise of communication channels like Slack, email remains the primary avenue for exchanging information with partners; consequently, it is a common target for criminals seeking to deliver malware.
The number of malicious emails has increased rapidly in recent years. ‘Business Email Compromise’ attacks, where the criminal impersonates a trusted contact such as a senior executive to trick a victim into giving up data or authorising a payment, are particularly dangerous and can cost millions of pounds. Organisations are also at risk of criminals hijacking their brand to launch phishing campaigns against customers.
Ravi Khatod, CEO of a firm that tracks billions of messages monthly for wrongdoing, observed, ‘These attacks are damaging for everyone involved as individuals targeted by fraudulent emails will be less trusting of genuine contact from that organisation in future and may even blame them for the malicious emails’.
Fraudsters often use tricks to disguise their identity and impersonate a trusted brand, with spoofing being one of the most common methods. The visible ‘From:’ header of an email is set by whoever sends the message, and nothing in the basic mail protocol checks it, so a message really sent from [email protected] can be made to appear as coming from [email protected]. Savvy users can see through this by examining the full headers, where the ‘Received:’ lines show the server and IP address the message actually came from and an ‘Authentication-Results:’ header records whether it passed SPF, DKIM and DMARC checks, but few bother to scrutinise every email in their inbox. Spoofed emails often bypass traditional content-based security filters because those systems look for malicious attachments, links and keywords, and a well-made spoofed message containing none of these is, to the filter, indistinguishable from a genuine one.
However, imposters can still be identified with the right tools. One of the most useful anti-spoofing measures is Domain-based Message Authentication, Reporting & Conformance (DMARC), a free-to-use email security standard published as a DNS record by the owner of a domain. DMARC builds on two older standards: SPF, which lets a domain list the servers allowed to send mail on its behalf, and DKIM, which adds a cryptographic signature tied to a signing domain. DMARC’s contribution is ‘alignment’: it tells the receiving mail server to check whether the domain in the visible ‘From:’ header matches the domain that SPF or DKIM actually authenticated, and what to do when it does not. Domain holders can set their policy to ‘reject’, blocking misaligned emails outright, ‘quarantine’, which normally routes them to the spam folder, or ‘none’, which only monitors. The ‘Reporting’ part of the name refers to the aggregate reports receivers send back to the domain owner, which show who is sending mail in the domain’s name, legitimate or otherwise.
A more recent development in the fight against deceptive emails is ‘Brand Indicators for Message Identification’ (BIMI), which entered a trial period earlier this year. BIMI does not rely on artificial intelligence, and it applies to email only: it is a further DNS record, published alongside the domain’s DMARC record, that points to the brand’s logo and, where a provider requires it, to a certificate vouching for the brand’s right to use that logo. A working group of email providers and security vendors has established this standard on top of DMARC: a logo is only shown when the message passes DMARC and the domain has an enforcing policy (‘quarantine’ or ‘reject’), so a spoofer who cannot pass authentication cannot get the logo displayed. In supporting mail clients BIMI thus provides reassurance by showing the company logo next to authenticated emails, a clear symbol of trust recognisable even by the least tech-savvy user.
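The two paragraphs above describe a decision procedure that receiving mail servers actually run: check DMARC alignment and apply the published policy, then decide whether the domain qualifies for a BIMI logo. The following Python script is an added example, not code from the article or from any mail provider, that walks through both steps. It replaces DNS lookups with a constructed in-memory table, and the domains, records and the two-label ‘organisational domain’ shortcut (real implementations use the Public Suffix List) are assumptions made for illustration.

```python
"""DMARC alignment evaluation and BIMI eligibility check (added example).

Follows the DMARC rules of RFC 7489 (identifier alignment, p= policy, pct=
sampling) and the BIMI prerequisite of an enforcing DMARC policy. DNS is
replaced by a constructed table; all domains and records are assumptions.
"""
from typing import Optional, Tuple

# Constructed DNS TXT table standing in for real lookups (assumption).
DNS_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=reject; adkim=s; aspf=r; pct=100; rua=mailto:dmarc@example.com",
    "_dmarc.example.org": "v=DMARC1; p=none; rua=mailto:dmarc@example.org",
    "_dmarc.example.net": "v=DMARC1; p=reject; pct=50",
    "default._bimi.example.com": "v=BIMI1; l=https://example.com/brand.svg; a=https://example.com/vmc.pem",
    "default._bimi.example.org": "v=BIMI1; l=https://example.org/brand.svg;",
}


def parse_tags(record: str) -> dict:
    """Parse a 'tag=value; tag=value' record (DMARC and BIMI share the syntax)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, _, value = part.partition("=")
            tags[key.strip().lower()] = value.strip()
    return tags


def org_domain(domain: str) -> str:
    """Organisational domain. Real DMARC uses the Public Suffix List; keeping
    the last two labels is a simplifying assumption valid for .com/.org/.net only."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r')
    only needs the same organisational domain."""
    f, a = from_domain.lower(), auth_domain.lower()
    return f == a if mode == "s" else org_domain(f) == org_domain(a)


def dmarc_record(from_domain: str) -> Optional[dict]:
    """Look up _dmarc.<from domain>, then fall back to the organisational domain."""
    for d in (from_domain, org_domain(from_domain)):
        rec = DNS_TXT.get(f"_dmarc.{d}")
        if rec and parse_tags(rec).get("v", "").upper() == "DMARC1":
            return parse_tags(rec)
    return None


def evaluate_dmarc(from_domain: str, spf_result: str, spf_domain: str,
                   dkim_result: str, dkim_domain: str, pct_roll: int = 0) -> Tuple[str, str]:
    """Return (dmarc_result, disposition) for one message.

    spf_domain is the envelope (MAIL FROM) domain SPF checked; dkim_domain is
    the d= of a verified DKIM signature. pct_roll (0-99) simulates the random
    sampling used by pct=: the policy applies only when pct_roll < pct.
    """
    rec = dmarc_record(from_domain)
    if rec is None:
        return ("none", "none")  # no policy published, nothing to enforce
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, rec.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, rec.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return ("pass", "none")
    policy = rec.get("p", "none")
    if pct_roll >= int(rec.get("pct", "100")):
        # Messages outside the sampled share get the next less strict policy.
        policy = {"reject": "quarantine", "quarantine": "none"}.get(policy, "none")
    return ("fail", policy)


def bimi_eligible(domain: str) -> Tuple[bool, str]:
    """BIMI needs DMARC at enforcement (p=quarantine or reject, pct=100) and a
    BIMI record whose logo location is HTTPS. Return (eligible, reason)."""
    rec = dmarc_record(domain)
    if rec is None:
        return (False, "no DMARC record")
    p, pct = rec.get("p", "none"), int(rec.get("pct", "100"))
    if p not in ("quarantine", "reject") or pct != 100:
        return (False, f"DMARC not enforcing (p={p}, pct={pct})")
    bimi = DNS_TXT.get(f"default._bimi.{domain}")
    if not bimi:
        return (False, "no BIMI record")
    tags = parse_tags(bimi)
    if tags.get("v", "").upper() != "BIMI1" or not tags.get("l", "").startswith("https://"):
        return (False, "malformed BIMI record")
    return (True, "enforcing DMARC and BIMI logo published")


if __name__ == "__main__":
    # Genuine bulk mailer: SPF passes for a subdomain, relaxed aspf accepts it.
    print(evaluate_dmarc("example.com", "pass", "mail.example.com", "none", ""))
    # Spoofer: From: says example.com but SPF/DKIM only vouch for attacker.invalid.
    print(evaluate_dmarc("example.com", "pass", "attacker.invalid", "pass", "attacker.invalid"))
    print(bimi_eligible("example.com"), bimi_eligible("example.org"))
```

Note what the spoofer case shows: the attacker’s own SPF and DKIM can both pass, because they vouch for the attacker’s domain, and it is only the alignment check against the visible ‘From:’ domain that fails. The example.org case shows why a ‘none’ policy and an unsupported BIMI record give customers no protection at all.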
Khatod noted, ‘Regaining control of their brands will deliver clear benefits to businesses. Firstly, an end to fake marketing messages from spoofers, allowing genuine email campaigns much greater engagement. Alongside their customers, organisations will also be able to inspire greater trust both internally and with their partners, as the BIMI standard will also prevent Business Email Compromise and other email attacks on the company’.
Both DMARC and BIMI are worthwhile steps for any organisation that sends email in its own name, and publishing a DMARC record with an enforcing policy is free. Their limits should be understood, though: DMARC only protects the exact domains an organisation controls, so lookalike domains, a forged display name on an unrelated address, and messages sent from a genuinely compromised account, which account for many Business Email Compromise attacks, are not stopped by it; and a BIMI logo only appears in mail clients that support the standard. Used with that understanding, these measures let organisations protect their data, finances and reputations from the most common form of email fraud.