Sentinel's AI has been developing rapidly in the last few months. In December, we added support for detecting web service impersonations and targeted phishing attacks. In these attacks, the attackers impersonate popular web services (Outlook, Docusign, Dropbox, Apple, UPS, etc.), and ask the recipient to click on a link. The link will typically take the recipient to a sign-in page that looks exactly like a sign in page of the impersonated web service. The goal of the attackers is to steal the credentials of the recipient, and to use those for infiltrating internal IT systems and launch subsequent attacks. Sentinel can stop these attacks by understanding that the email is impersonating a widely-used web service (e.g., Dropbox), but is not sending the email from an address associated with the web service (e.g., dropbox.com), and the links within the email have nothing to do with the domain of the web service.
This capability has also greatly expanded the volume of attacks Sentinel detects in different languages. We see attackers use the native language of the recipient to try to trick them to click on a link, whether it's German, Spanish, Dutch or Mandarin. We are happy to announce that Sentinel stops attacks in all languages, and our AI can effectively support customers in all regions of the world. In order to stop these types of impersonation attacks, the AI does not rely on any text-specific characteristics of the email, which allows it to work with any language.
To give you an idea of the types of attacks Sentinel can catch in different languages, we're including a number of examples below that Sentinel's AI has caught live.
Apple impersonation (in Italian): In this email, the attacker is impersonating Apple, and telling the recipient that their Apple ID was supposedly used to access their iCloud account from a new browser in China. The attacker then asks the user to click on a link to verify this supposed suspicious activity.
Netflix impersonation (in Spanish): in this email, the attacker impersonates Netflix and informs the recipient that their account has problems and will be suspended, unless they click on the link. The link itself does not take the recipient to netflix.com, but rather to a web page owned by the attacker.
Employee impersonation (in German): the attacker is impersonating another employee, and telling the recipient that they have a document waiting for them. The link will take the recipient either to a page where they will need to log in, or to a page that will download malware to their device.
Dutch Paypal impersonation: The attackers impersonate Paypal and tell the user that their account has been “suspended” for three days, and ask them to click on a link in order to recover it.
You can protect yourself from these attacks and others like them with Barracuda Sentinel, the leading comprehensive AI solution for real-time spear phishing and cyber fraud defense. For more information and to schedule a free demonstration, visit www.barracudasentinel.com.
Spear phishing is rapidly becoming the most significant security threat today. Countless individuals and organizations have unwittingly wired money, sent tax information, and emailed credentials to criminals who were impersonating their boss, colleague, or a trusted customer. These attacks are compelling and cannot be stopped with existing email security solutions—creating devastating results for individuals, businesses, and brands.
|Introducing Barracuda Sentinel – AI for Real-Time Spear Phishing Defense||On-demand webinar here|
|Phishing vs. Spear Phishing: What You Need to Know||On-demand webinar here|
|DMARC 101: How DMARC Can Help Prevent Domain Spoofing & Brand Hijacking||On-demand webinar here|
|Spear Phishing: Are You at Risk?||On-demand webinar here|
|Ransomware vs. Spear Phishing – How the Economics Impact You||On-demand webinar here|
Asaf Cidon is vice president of content security services at Barracuda Networks. In this role, he is one of the leaders for Barracuda Sentinel, the company's AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel utilizes artificial intelligence to learn the unique communications patterns inside customer organizations to identify anomalies and guard against these personalized attacks. Asaf was previously CEO and co-founder of Sookasa, a cloud storage security startup that was acquired by Barracuda. Prior to that, he completed his PhD at Stanford, where his research focused on cloud storage reliability and performance. He also worked at Google’s web search engineering team. Asaf holds a PhD and MS in Electrical Engineering from Stanford, and BSc in Computer Engineering from the Technion.