Business Email Compromise (BEC)

Keep Calm and Never Tell Anyone Your Passwords!

Session In Development  • 

Anthony Cardoza - XTN Cognitive Security  •   • 

As new prevention technologies are deployed, Fraudsters are forced to change their approach, develop new tools, and uncover new ways to monetize their activities. In this way, Fraud Protection has been a perpetual cat-and-mouse game. We'll see a real story about a phishing attack that could involve each bank's...

Resolve and Evolve: Machine Learning for Email Threat Protection

Session In Development  • 

Dena Bauckman - ZixCorp  •   • 

As email threats become more advanced, machine learning is being used to detect these attacks. Learn the latest about machine learning & how it is changing the threat landscape. Join this session to discuss: How machine learning is being used to detect threats Latest advancements in machine learning for cyber...

Resolve and Evolve: Machine Learning for Email Threat Protection

Dena Bauckman - ZixCorp  •   • 

As email threats become more advanced, machine learning is being used to detect these attacks. Learn the latest about machine learning & how it is changing the threat landscape. This session discusses: How machine learning is being used to detect threats Latest advancements in machine learning for cyber...

How to Use Automation and Orchestration to Effectively Respond to Phishing Attacks

Myke Lyons - ServiceNow  •   • 

Email fraud and phishing continue to be an effective attack vendor as they are relatively inexpensive and take advantage of the weakest link in your security program: your users. Combatting these attacks is slow and labor intensive as security analysts typically spend hours trying to determine if an email and its...

Stop Attacks Before They Reach the Inbox

Denis Ryan - Proofpoint  •   • 

As you know, impostor email continues to be a challenge for most security professionals. We are going to discuss the tactics and targets of impostor email via this Email Fraud Workshop breakout. Denis Ryan, Sr. Director of Email Fraud at Proofpoint, will discuss: The email threat landscape; How to identify potential...

Business Email Compromise: Protecting the Enterprise

David Stubley - 7 Elements  •   • 

What does a successful compromise of an organisation's email system look like, and what can we do to protect ourselves? This talk will use real-life case studies from recent incidents to dissect the anatomy of a modern Business Email Compromise attack. Attend this session for expert insight on: Current attack...

Making Email Safe Again: How to Empower Staff to Share Data Via Email

Sudeep Venkatesh - Egress  •   • 

People cause data breaches when using email for a multitude of reasons. They might be tired, rushing or using a mobile device. Or they might be moving to a new job and feel a sense of ownership that entitles them to remove data from their current employer's network. Yet at as people communicate and collaborate...

Building a Cyber-Resilient Program for Email Security: A Holistic Approach

Anoop Das - Mimecast  •   • 

Email remains a key vector for attacks because of the pervasiveness of phishing. Despite significant investments in security defenses, attackers and fraudsters continue to infiltrate organizations through targeted and advanced techniques. That's why organizations need a cyber-resilient program for email that's easy to...

Identity Deception and Social Engineering Attack Vectors - Email Makes It Easy!

Andrew Coyle - Agari  •   • 

Despite the proliferation of social networks and messaging apps, email remains the primary means of communication today. Unfortunately, it also remains a persistent threat vector for cybersecurity abuse. We see these evil emails everywhere: at work, at home and in the news, attempting to sell something, or steal...

Anatomy of a BEC Attack

David Stubley - 7 Elements  •   • 

This session looks at two real-life case studies, with different outcomes from the same initial starting point for two companies. The first led to £140k loss due to malicious invoicing; the second led to data exfiltration and reputational damage (as well as ICO reporting due to GDPR). Malicious actors use common...

Case Study: Look-a-Like Domains, Phishing and Procurement Fraud

Session In Development  • 

Allan Stojanovic - University of Toronto  •   • 

The University of Toronto has been impersonated over a dozen times in the past two and a half years in a somewhat sophisticated scam designed to steal goods to order. This presentation will detail how the scam works (with examples!), talk about some of the mitigating actions that have been performed, as well as some...

Email: Still A Top Threat Vector!

Brent Maher - Johnson Financial Group  •   • 

A consistent message throughout this Summit: Most threats to an organization continue to enter through the route of least resistance - email. In this session, hear directly from a CISO on why email security needs renewed focus and how he's addressed it in his own organization, including: Why smart employees continue...

How to Combat Targeted Business Email Compromise Attacks

Markus Jakobsson - Agari  •   • 

The success of a Business Email Compromise (BEC) attack lies in exploiting the trust and familiarity between sender and recipient, and evading traditional security solutions by eliminating the use of malicious URLs or attachments - which existing security solutions were never designed to do. According to the FBI,...

Email Fraud - An Inside Look at the Fraudsters' Strategies and Tactics

Dan Hoffman - Agari  •   • 

Business email compromise attacks that impersonate executives and business partners to trick employees are the biggest cyber threat organizations face today. This is not news. But what may come as a surprise is that the vast majority of BEC attacks are preventable. This session reviews why email spoofing works, the...

WannaCry, Petya & the Global Ransomware Epidemic: How to Protect Your Organization

Darius Goodall - Barracuda  •   • 

It's a growing epidemic: Ransomware, advanced persistent threats and phishing attacks are responsible for hundreds of millions of dollars in damage due to lost productivity, tainted credibility and worse - lost revenue. As attackers plan increasingly more sophisticated attacks, your organization needs to know how best...