Email Security: The Evolution from the Late 1990s to Present Day
Ever since email went mainstream, inboxes have been under a constant barrage of unwanted messages containing phony ads, viruses and fraudulent links, all sent by hackers and spammers. Each time security vendors and internet service providers (ISPs) create new techniques and tools to eliminate or reduce the threat, the same charlatans find other ways around the updated defenses. This has held true from the time of spam moderation (early 2000s) to the business email compromise (BEC) protection challenges of today.
Now that email has become a critical and predominant business communications channel, the threats have grown to match; 9 out of 10 cyberattacks consistently begin with phishing emails. Consequently, email security is now an ever-evolving practice. More than half of the 235+ billion emails per day that are sent around the globe are between businesses, according to Radicati Group. Nearly a quarter of the 90+ emails an average business email user receives are spam.
Champion has partnered with IRONSCALES, who is pioneering the use of artificial intelligence, machine learning and big data in lieu of the more generalized email security solutions that deploy threat detection technology using rules and signature-based filters. Years ago they recognized that machine intelligence and security awareness training need to work as one unit to fight advanced phishing threats, not in silos.
This recognition, and attention to detail in the ever-evolving landscape of email phishing threats, is how IRONSCALES advanced into a high-growth-stage security leader in only a couple of years. As IRONSCALES keeps pressing forward with new advancements in their anti-phishing technologies and solutions, the timeline below details how the company achieved their great success.
Generation 1 (Late 1990s through 2012): Filtering Out Spam & Viruses
Once email became popular in the 1990s, individuals could send and receive messages with little verification or accountability and even fewer security standards. Now, inboxes are bombarded with spam. Fake brand ads and registered domain names strikingly similar to those of legitimate household brands also started appearing as scammers and hackers adapted to current technology.
At the time, security providers and ISPs saw unwanted emails as more of a nuisance than a threat. That all changed in 1996 when AOL started using the term “phishing” to warn about hackers creating phony AOL accounts to coerce sensitive information from unwary victims. These attacks were frequent and varied as hackers tried and tested new strategies, which made the environment feel akin to the Wild West.
As a result, ISPs began implementing filters for special patterns and keywords that were prevalent in the irrelevant emails that cluttered customers' inboxes. The primary strategy at that point was to send obvious spam emails to the filter, thus reducing the risk that users would fall for the scam or respond to the email. In 2009, Sender Policy Framework (SPF) also started to have an uptick in adoption, with DomainKeys Identified Mail (DKIM) for email authentication following close behind.
Symantec estimated that by 2010, 88 percent of email traffic worldwide was fraudulent. Next-generation email filters put users in greater control of their mailboxes with more sophisticated filtering features like black and white lists using basic attack signature detection capabilities. By tapping into engagement metrics to determine which emails users wanted to receive, ISPs enabled their customers to more effectively block or divert spam/scam messages.
Within a year of its deployment in 2012, Domain-based Message Authentication, Reporting and Conformance (DMARC) was protecting 60 percent of the world's mailboxes. On the flip side, by the end of that same year, phishing attacks had grown from 176 unique attacks in all of 2004 to 28,000 in December of 2012 alone, along with over 500 million dollars in damages from these attacks.
Generation 2 (2012 – 2016): Phishers Bait Emails Using Links & Attachments
Spear-phishing attacks prompted the second generation of email security. These fraudulent campaigns deployed emails that were laden with links and attachments meant to trick recipients into inadvertently installing malicious code from downloaded content.
Spam filters at the time were no match for such an advanced phishing technique, so SEGs (secure email gateways) that featured AV scanners, threat emulation and sandboxing solutions for real-time detection of malicious attachments and links began gaining popularity. Employers also started training their staff to better identify phony requests and emails around this time. The awareness training was a heavy investment to turn their staff into internet security detectives.
More awareness came at a cost, however. SOC (security operations center) teams were increasingly bogged down with false positives. In fact, the sheer volume of incidents overwhelmed these teams, who spent too much time delving into piles of reports instead of catching the dangerous threats that slipped through the cracks, resulting in a longer remediation process.
By the end of 2016, organizations were paying approximately $1.5 million for each spear phishing incident, as SOC teams could only fix up to 8 incidents per day.
Generation 3 (2017 – Present): Business Email Compromise & Ransomware Heighten Risk
Cyber criminals responded to improved SEG technology and employee awareness by employing new BEC strategies that were bereft of links or files, making them very difficult for both humans and SEGs to identify. With each successful attack, hackers gain control of a superior's or co-worker's email and then target others in the company to lobby for sensitive information with which to execute fraudulent transfers. These attackers also started spending more time researching and building specifically targeted spear-phishing attacks delivering ransomware, which hit an estimated 56 percent of businesses worldwide in 2017.
To give businesses protection against email compromise, a third generation of email security is now emerging in which machines and humans work together 24/7 to detect, respond to, and prevent advanced phishing threats. IRONSCALES is the pioneer of this generation, and as such has organized a bottom-up method for email security, using deep scans and machine learning algorithms to differentiate between normal, trusted email communications and spam. Even the most sophisticated phishing attacks – BEC and ransomware that evade both gateway security and humans – can now be stopped after email delivery thanks to mailbox-level visibility. The burden and risk have now been lifted from the SOC teams by automating and orchestrating productivity and supporting decisions.