Microsoft Identifies 38% Increase in BEC

The sheer number of emails that currently travel the globe is astounding. Billions of emails are underway every single day and, I must add, the majority are simply legitimate ones. Herein lies the problem from a security perspective: psychological conditioning, meaning that the brain acts on experience from previous engagements. Whenever you see an email arriving in your inbox, there is some sort of automatic response, and the “look and feel” of an email triggers a certain behaviour.

Psychological conditioning

This is not new. The concept of psychological conditioning is well known, and one of the best-known examples is the Pavlov one, where dogs were conditioned to receive a reward when they did a trick. Humans, although mentally further developed than animals, are not any different. When we see opportunities for rewards, there is an urge to jump on the bandwagon and try to find out if we can obtain any benefit from it.

The notion of any threats that may be occurring also triggers a response, especially when it involves financial, health or family matters.

When an email shows any signs of familiarity, the tendency is to accept its content as valid and truthful. This includes motivational text that drives you to do things. A positive or negative stimulant in these emails is mostly related to a financial incentive, whether this is a prize, a missed package delivery or a tax return or, on the negative side, a speeding fine, credit defaults, debt collection etc. This tendency is what drives the phishing email industry and threat actors (or plainly criminals) to come up with massive campaigns, operated business-style, to try and trick people into their form of Pavlov behaviour.

As you can see in the above image, the sheer number of emails that contain malicious content is astounding, and this is just the part that Microsoft has seen. Numbers from other email providers like Google, Proofpoint etc. are not even included. (The report from Microsoft can be obtained here.)

Fighting back

There are a few ways to combat this. The first is to prevent these malicious emails from entering your mailbox in the first place. This is no easy feat. Your standard email spam filter will most likely not be sophisticated enough to be triggered, mainly because these filters operate on a so-called Bayesian learning technique. This means that the filter engine needs to be made aware of certain email characteristics to which it can assign a “score”. If one person reports an email as spam, and that email is not a very clear spam message from a technical perspective, it will most likely get a very low score, and subsequent emails will not be stopped until a “critical mass” is reached, for example when a few dozen people have marked the email as spam. Only then will these email characteristics pass the scoring threshold, and subsequent emails will be marked as spam.
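The “critical mass” effect described above can be reproduced with a toy Bayesian scorer. This is an added example, not code from the Microsoft report or from any real mail filter; the training messages, the BEC-style message and the 0.9 threshold are constructed assumptions.

```python
import math
from collections import Counter

class BayesFilter:
    """Toy naive Bayes scorer: per-token message counts with Laplace smoothing."""
    def __init__(self):
        self.tokens = {"spam": Counter(), "ham": Counter()}
        self.msgs = {"spam": 0, "ham": 0}

    def train(self, text, label):
        self.tokens[label].update(set(text.lower().split()))
        self.msgs[label] += 1

    def spam_probability(self, text):
        # Start from the prior odds, then add each token's log-likelihood ratio.
        log_odds = math.log((self.msgs["spam"] + 1) / (self.msgs["ham"] + 1))
        for tok in set(text.lower().split()):
            p_spam = (self.tokens["spam"][tok] + 1) / (self.msgs["spam"] + 2)
            p_ham = (self.tokens["ham"][tok] + 1) / (self.msgs["ham"] + 2)
            log_odds += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-log_odds))

def build_filter():
    # Constructed training corpus: ordinary business mail plus obvious spam.
    f = BayesFilter()
    for _ in range(10):
        f.train("please find the attached invoice for payment", "ham")
        f.train("can you process the payment today please", "ham")
        f.train("win a free prize click now", "spam")
    return f

# Constructed BEC-style message: every word also appears in legitimate mail.
BEC = "please process the attached invoice payment today"

def reports_until_blocked(f, message, threshold=0.9, limit=500):
    """Count user spam reports needed before the score crosses the threshold."""
    for reports in range(limit + 1):
        if f.spam_probability(message) >= threshold:
            return reports
        f.train(message, "spam")  # one more user marks it as spam
    return None

if __name__ == "__main__":
    f = build_filter()
    print("obvious spam:", round(f.spam_probability("win a free prize"), 4))
    print("BEC, no reports:", f.spam_probability(BEC))
    print("reports needed:", reports_until_blocked(f, BEC))
```

Because the message is built from vocabulary the filter has learned as legitimate, a single report barely moves the score; only repeated reports shift the token statistics far enough to cross the threshold.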

If you handle 2 billion emails a day (yes, 2 billion a day), employ a large team of threat analysts and have the ability to apply a plethora of threat countermeasures, chances are that malicious emails will not make it to your inbox in the first place.

The second part is to change behavioural patterns in handling emails. This needs to come via awareness training and reverse conditioning. Awareness training gives people the knowledge to spot non-legitimate emails. Reverse conditioning ensures that the human response to an email gets a second thought before it is acted on. Security training can encompass many things; it needs to be targeted at specific gaps in knowledge and must keep employees informed about the latest cyber threats that are out there.

Many employees see these security trainings as a bit of a waste of time. The way to counter that is to incorporate phishing simulations and tests, so people become aware of what these look like and how well they respond.

This also stimulates the conditioning of the mind to not take things for granted and think first before engaging in events that could become disastrous for any company of any size.

Get help

The complexity around email security is massive, and even relatively large companies sometimes struggle with it. EvL Consulting can help small and medium businesses in both areas mentioned above via simple yet advanced solutions. Get in touch to see how your level of company security can be elevated and keep you and your employees out of problems.

Erwin
