Proofpoint wants to kill off BEC attacks

Email warning
(Image credit: Shutterstock)

Security firm Proofpoint has launched what it says is an industry first tool to help prevent businesses from falling victim to business email compromise (BEC) and email account compromise (EAC) attacks.

Combining the company's existing secure email gateway, advanced threat protection, threat response, email authentication, security awareness and cloud account protection tools, Proofpoint says it can now offer a full end-to-end solution.

Stopping further BEC and EAC attacks is a top priority for organizations as cybercriminals continue to target individuals over email by using highly personalized social engineering messages. These messages can take the form of BEC impostor emails that are used to trick employees into sending money and data to fake accounts and recipients.

EAC attacks on the other hand, involve fraudsters working to compromise employee email accounts through credential phishing, password spraying and malicious third party applications to maintain persistence on a company's network. 

Stopping BEC and EAC attacks

Once an attacker has gained access to an enterprise network, they profile business activity such as new business partnerships or regular wire transfers in order to craft and send convincing emails where they masquerade as an employee with what appears to be a legitimate financial request which can lead to significant financial losses.

Executive vice president of cybersecurity strategy at Proofpoint, Ryan Kalember explained just how damaging BEC and EAC attacks can be to organizations, saying:

“BEC and EAC attacks have cost companies over $26 billion worldwide, and have been responsible for more cyber insurance claims than any other threat, including ransomware. Our new integrated solutions are the first in the market to address the problem with an end-to-end approach that counters the full range of attacker tactics.”

Additionally, Proofpoint has announced multiple new Proofpoint Cloud App Security Broker (CASB) innovations to safeguard cloud applications such as AWS, Box, G Suite, Microsoft Office 365 and Slack which employees access daily.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.