XDR Attack Disruption in Action – Defending Against a Recent BEC Attack
Business Email Compromise (BEC) attacks are a growing threat to businesses, with losses totaling $1.2 billion in the first half of 2019 alone. In a typical BEC attack, an attacker will attempt to trick an employee into transferring funds to an account they control. To help defend against these attacks, Microsoft introduced Extended Detection and Response (XDR) to its Microsoft 365 Defender suite of products. XDR provides a comprehensive, cross-platform security solution that can detect, investigate, and respond to threats in real-time. In this blog, we’ll discuss a recent BEC attack that was successfully defended against using XDR.The Attack
The attack began with a malicious email sent to an employee of a large financial institution. The email appeared to be from an executive in the company and asked the employee to transfer funds to an account controlled by the attacker. The employee, unaware that the email was malicious, initiated the transfer.The Defense
Fortunately, the attack was quickly detected and stopped thanks to XDR. XDR uses a combination of machine learning, behavioral analytics, and threat intelligence to detect threats in real-time. In this case, XDR detected the malicious email and alerted security personnel. The security team then used XDR’s investigation and response capabilities to investigate the attack, identify the source of the attack, and stop the transfer of funds.Conclusion
Business Email Compromise attacks are a growing threat, but Microsoft’s XDR solution can help defend against them. XDR provides a comprehensive, cross-platform security solution that can detect, investigate, and respond to threats in real-time. In this blog, we discussed a recent BEC attack that was successfully defended against using XDR. With XDR, businesses can protect themselves from BEC attacks and other threats.
XDR attack disruption in action – Defending against a recent BEC attack
1. BEC (Business Email Compromise) defense