State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Wire transfer phishing is a growing threat.
Wire transfer phishing is one of the latest email threats to IT security. In a wire transfer phishing attack, hackers use email to impersonate a high level employee — often a CEO or CFO — and convince an employee with financial access to transfer money to a fraudulent account. Wire transfer phishing attacks often involve email that appears to be a trusted source but on closer inspection is actually a separate, fraudulent domain name.
1The FBI estimates that wire transfer phishing attacks, also known as whaling and business email compromise attacks, rose more than 270% in the first eight months of 2015. Businesses losses have totaled more than $2 billion since January 2015, often generating income for organized crime. With the number of attacks expected to rise, organizations everywhere are seeking more effective email phishing protection.
Mimecast provides protection from wire transfer phishing and other advanced targeted attacks as part of its Targeted Threat Protection service. By extending existing security gateway services to protect against a broad range of sophisticated attacks, Mimecast's wire transfer and spear phishing protection prevents employees from falling prey to malicious links, weaponized attachments and social engineering techniques.
Mimecast provides wire transfer phishing protection for all devices, including corporate desktop and mobile devices as well as employees' personal devices. By scanning inbound emails in real time, Mimecast provides instant and complete protection against these attacks that rely on sophisticated social engineering techniques.
Mimecast Targeted Threat Protection -- Impersonation Protect scans all email as it passes through the Mimecast Secure Email Gateway, examining several parts of each message to spot key indicators of a wire transfer phishing attack. Indicators include:
When an email seems suspicious, Mimecast blocks it, quarantines it for review or tags it as suspicious before sending it on to the employee, depending on rules set by IT administrators.