On March 3, 2020, the cyber division of Federal Bureau of Investigation (FBI) issued a private industry notification calling out Business Email Compromise (BEC) scams through exploitation of cloud-based email services. Microsoft Office 365 and Google G Suite, the two largest cloud-based email services, are targeted by cyber criminals based on FBI complaint information since 2014. The scams are initiated through credential phishing attacks in order to compromise business email accounts and request or misdirect transfers of funds. Between January 2014 and October 2019, the Internet Crime Complaint Center (IC3) received complaints totaling over $2.1 billion in actual losses from BEC scams targeting the two cloud services. The popularity of Office 365 and G Suite has positioned themselves as attractive targets for cybercriminals.
Trend Micro™ Cloud App Security™ is an API-based service protecting Microsoft® Office 365™, Google G Suite, Box, and Dropbox. Using multiple advanced threat protection techniques, it acts as a second layer of protection after emails and files have passed through Office 365 and G Suite’s built-in security.
In 2019, Trend Micro Cloud App Security caught 12.7 million high-risk email threats in addition to what Office 365 and Gmail security have blocked. Those threats include close to one million malware, 11.3 million phishing attempts, and 386,000 BEC attempts. The blocked threats include 4.8 million of credential phishing and 225,000 of ransomware. These are potential attacks that could result in an organization’s monetary, productivity, or even reputation losses.
Trend Micro started publishing its Cloud App Security threat report since 2018. For third year in a row, Trend Micro Cloud App Security is proven to provide effective protection for cloud email services. The following customer examples for different scenarios further show how Cloud App Security is protecting different organizations.
Customer examples: Additional detections after Office 365 built-in security (2019 data)
These five customers, ranging from 550 seats to 80K seats, are across different industries. All of them use E3, which includes basic security (Exchange Online Protection). This data shows the value of adding CAS to enhance Office 365 native security. For example, a transportation company with 80,000 Office 365 E3 users found an additional 16,000 malware, 510,000 malicious & phishing URLs and 27,000 BEC, all in 2019. With the average cost of a BEC attack at $75,000 each and the potential losses and costs to recover from credential phishing and ransomware attacks, Trend Micro Cloud App Security pays for itself very quickly.
Customer examples: Additional Detections after Office 365 Advanced Threat Protection (2019 data)
Customers using Office 365 Advanced Threat Protection (ATP) also need an additional layer of filtering as well. For example, an IT Services company with 10,000 users of E3 and ATP detected an additional 14,000 malware, 713,000 malicious and phishing URLs, and 6,000 BEC in 2019 with Trend Micro Cloud App Security.
Customer examples: Additional Detections after third-party email gateway (2019 data)
Many customers use a third-party email gateway to scan emails before they are delivered to their Office 365 environment. Despite these gateway deployments, many of the sneakiest and hardest to detect threats still slipped though. Plus, a gateway solution can’t detect internal email threats, which can originate from compromised devices or accounts within Office 365.
For example, a business with 120,000 Office 365 users with a third-party email gateway stopped an additional 27,000 malware, 195,000 malicious and phishing emails, and almost 6,000 BEC in 2019 with Trend Micro Cloud App Security.
Customer examples: Additional Detections after Gmail built-in security (2019 data)
*Trend Micro Cloud App Security supports Gmail starting April 2019.
For customer choosing G suite, Trend Micro Cloud App Security can provide additional protection as well. For example, a telecommunication company with 12,500 users blocked almost 8,000 high risk threats with Cloud App Security in just five months.
Email gateway or built-in security for cloud email services is no longer enough to protect organizations from email-based threats. Businesses, no matter the size, are at risk from a plethora of dangers that these kinds of threats pose. Organizations should consider a comprehensive multilayered security solution such as Trend Micro Cloud App Security. It supplements the included security features in email and collaboration platforms like Office 365 and G Suite.
Check out the Trend Micro Cloud App Security Report 2019 to get more details on the type of threats blocked by this product and common email attacks analyzed by Trend Micro Research in 2019.