Email is used across a wide variety of external vendors, customers and prospects. And, your business relies upon maintaining regular communication with all of them. But cybercriminals know the inherent vulnerabilities within email communication and leverage Business Email Compromise (BEC) attacks to impersonate these trusted, external contacts to trick users into taking action by transferring money or sharing sensitive information.
Detecting External Impersonations Attacks with GreatHorn
GreatHorn’s advanced anomaly detection uses artificial intelligence, machine learning and data science to automatically learn legitimate communication patterns between senders and recipients, identifying the anomalous emails, attachments, and links.
GreatHorn analyzes all communication patterns between senders and recipients using behavioral analytics within our AI and ML models, providing organizations with immediate detection and insight into anomalous emails.
Strength of a sender’s individual relationship to the recipient, as well as a “friends of friends” system that accounts for the sender’s overall relationship with others in the recipient’s organization.
Analysis for employee display name spoofs, domain spoofs, and domain look-alikes, including comparison against known email addresses, executive impersonation tactics, and email authentication standards.
Sophisticated analysis of domain reputation, sending IP, and header information, including determining variations in expected authentication results for DMARC, DKIM, and SPF.
Deep content inspection based on keywords, regular expressions (RegEx), attachments, and URLs, to identify common spear phishing tactics—wire transfer and W2 requests, credential theft attacks, business service impersonations—all without storing the content or the mail.
Establishes an understanding of communication patterns unique to a specific individual and a specific organization, such as email frequency, volume, recipients, sending patterns and more.