Menlo Security Cloud Security Platform receives FedRAMP® Authorization
Traditional security approaches are flawed, costly, and overwhelming for security teams. Menlo Security is different. It’s the simplest, most definitive way to secure work—making online threats irrelevant to your users and your business.
Our platform invisibly protects users wherever they go online. So threats are history and the alert storm is over.
Traditional network security wasn’t built to address today’s complex enterprise environments. SASE fixes that problem.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise.
Menlo Security | Oct 29, 2020
Share this article
Cyberattacks aren’t always delivered via a payload such as a link to a malicious URL or an infected file attachment. Rather than trick users into downloading malicious content, attacks without payloads—otherwise known as imposter threats—use fake communications to get victims to carry out risky behavior, often offline. These fakes include emails such as phony government requests for a Social Security number, a relative’s plea for a wire transfer, a request from the boss to release proprietary business information or, more recently, give up personal information in exchange for health information and remedies about Covid-19.
Also called “CEO wire fraud” or “business email compromise” attacks, imposter threats look to impersonate a senior executive with the aim of making the intended victim carry out any request as a matter of urgency—often without going through the proper checks or verification. These attacks are often well researched by gathering information about the intended victim or impersonated executive from social media and other online sources. These attacks can be quite effective. In fact, five CEOs of some of the world’s largest banks were victims of a coordinated imposter threat hoax in a single month, including Goldman Sachs, CitiGroup, Barclays, Morgan Stanley, and the Bank of England.
Menlo Threat Labs analyzed a sample of threats and observed the following:
Menlo Imposter Threat Detection roots out and flags business email compromise attacks across the organization. It detects where senior executives and other key employees are being impersonated via display name spoofing and the use of “cousin” or look-alike domains.
It does this by automatically tracking the email behavior of senior executives or other VIPs to root out abnormal requests while detecting spoofed messages based on email headers and sender names. Menlo compiles a sender popularity score in real time to determine if the recipient is likely to receive communications from the sender. Visibility into attacks is provided through the Insights reporting module and can also be consumed through Menlo’s iSOC feed.
The ability to detect payload less attacks—combined with Menlo’s existing strengths at protecting against credential phishing attacks, ransomware, and other payload-based attacks—gives organizations a single solution for protecting against a wide range of advanced email threats.
Contact us for more information or check out how we can augment existing email security to protect from advanced email attacks
Posted by Menlo Security on Oct 29, 2020
Tagged with Email Isolation, Menlo Labs, Phishing
Threat Trends & Research
To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.