Advanced Anomaly Detection Against Business Email Compromise (BEC)

Recommended business email compromise (BEC) protection such as DMARC is not well adopted since it is very hard to implement and is only effective at email spoofing protection when dealing with a small subset of phishing threats.

Key Enterprise Email Security Benefits
for your Organization

1. Prevent - email spoofing and impersonation emails, such as display name and domain look-alikes in real-time.

2. Reduce - risk of financial loss from business email compromise (BEC) attacks.

3. Assist - busy and unsuspecting employees at recognizing and reporting phishing attempts through InMail banner alerts.

DMARC is not Enough!
The Need for Advanced Email Authentication

The email protocol was not designed with security in mind, and there is no authentication mechanism in place whatsoever. However pseudo-authentication is now possible using ‘sender fingerprinting', an advanced machine learning based technology that can identify the true identity of a sender. This technology was designed and built to answer a simple, yet very complicated question:

* Who is sending me what?

* The “Who” equates to the real identity of the sender
*The “What” stands for the content and the context of this communication

How Does IronSights Compliment DMARC
and Protect Against BEC?

IronSights is an Advanced Mailbox-level Anomaly Detection module that protects company's employees from business email compromise (BEC), email spoofing and impersonations attempts by dynamically learning their mailbox and communication habits. IronSights fingerprinting technology takes into account factors like implementation level (no/full/partial) of DMARC/SPF/DKIM, sending IPs, normal communication context and other meta data in order to create a unique fingerprint for each sender, any deviation from the norm will be detected immediately and flagged inside the mailbox through InMail banner alerts. Using machine learning algorithms, IronSights also continuously studies every employee's inbox to detect anomalies based on both email data and metadata extracted from previously trusted communications that can then automatically flag suspicious emails to help people make smarter and quicker decisions regarding suspicious emails within the mailbox.

 

ico-ironsights-red.png