AI lent a helping hand to one of our technical support teams last week to help Lineal save a local business from an email hack.
At 07:40 GMT on a seemingly normal weekday, Barracuda Sentinel issued an alert to Lineal to say an account had been accessed from a suspicious location. It seemed a malicious actor, appearing to be from Nigeria, had compromised one of a client’s finance department email accounts and created a forwarding/delete rule in the inbox.
Barracuda Sentinel’s AI email protection caught the account takeover attempt, and as a result, we were able to mitigate and resolve a significant threat to one of our customers. Barracuda Sentinel detects both account takeover attempts and attacks launched from compromised accounts.
Corporate account takeover presents a significant new threat to business. Hackers gain access to email accounts and use them as tools to launch subsequent targeted attacks, internally and against external targets – who themselves fall victim.
Account takeovers, or attacks that originate from these accounts, are almost impossible to detect because they don’t use the usual impersonation techniques: they come from a legitimate account and appear to be from a trusted source, allowing the attacker to initiate sophisticated financial scams.
Lineal automatically picked up the alert and created an incident in Barracuda Sentinel. Sentinel remediated the issue by immediately resetting the password, disconnecting all active logon sessions for the user and deleting any rules created during the incident time. Within 40 minutes this potentially disastrous event was avoided.
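The correlation behind that rule clean-up, sketched as an added example (not Lineal's or Barracuda's code): it flags inbox rules that forward mail outside the organisation or delete it, when they were created shortly after a sign-in from an unexpected country on the same account. The event records, field names, domain, trusted-country list and one-hour window are all constructed assumptions, not a vendor log schema.

```python
from datetime import datetime, timedelta

ORG_DOMAIN = "example.test"    # assumption: the organisation's own mail domain
TRUSTED_COUNTRIES = {"GB"}     # assumption: where staff normally sign in
WINDOW = timedelta(hours=1)    # assumption: incident window after the sign-in

# Constructed sample audit events (hypothetical field names).
EVENTS = [
    {"time": "2024-01-09T15:00:00+00:00", "user": "finance@example.test", "op": "NewInboxRule",
     "rule": {"name": "Newsletters", "forward_to": [], "delete": False}},
    {"time": "2024-01-10T07:31:00+00:00", "user": "finance@example.test", "op": "SignIn",
     "country": "NG"},
    {"time": "2024-01-10T07:34:00+00:00", "user": "finance@example.test", "op": "NewInboxRule",
     "rule": {"name": "x", "forward_to": ["drop@external.example"], "delete": True}},
    {"time": "2024-01-10T08:02:00+00:00", "user": "sales@example.test", "op": "SignIn",
     "country": "GB"},
    {"time": "2024-01-10T08:05:00+00:00", "user": "sales@example.test", "op": "NewInboxRule",
     "rule": {"name": "Copy", "forward_to": ["me@personal.example"], "delete": False}},
]

def _ts(event):
    return datetime.fromisoformat(event["time"])

def risky_rule(rule):
    """True if the rule forwards outside the organisation or deletes mail."""
    external = [a for a in rule.get("forward_to", [])
                if not a.lower().endswith("@" + ORG_DOMAIN)]
    return bool(external) or rule.get("delete", False)

def rules_to_remove(events):
    """(user, rule name) for risky rules created within WINDOW after a
    sign-in from outside TRUSTED_COUNTRIES by the same account."""
    signins = [e for e in events
               if e["op"] == "SignIn" and e["country"] not in TRUSTED_COUNTRIES]
    hits = []
    for e in events:
        if e["op"] != "NewInboxRule" or not risky_rule(e["rule"]):
            continue
        if any(s["user"] == e["user"] and timedelta(0) <= _ts(e) - _ts(s) <= WINDOW
               for s in signins):
            hits.append((e["user"], e["rule"]["name"]))
    return hits

if __name__ == "__main__":
    for user, name in rules_to_remove(EVENTS):
        print(f"review/remove rule {name!r} on {user}")
```

The external-forwarding rule on the sales account is risky by content but is not returned here, because no unexpected sign-in precedes it; a rule like that still warrants a separate policy review.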
Barracuda’s worldwide threat protection network automatically gathers intelligence from inboxes around the world to deliver award-winning security, checking both inbound and outbound email to stop the spread of cyber-threats and malicious communications. To find out more visit our Barracuda Email Security page on our website.
This risk could have easily been mitigated by using any of Lineal’s services, such as:
- Using Multi-Factor Authentication (MFA) on the account,
- Barracuda Sentinel-type tools to alert/remediate on compromise,
- Having Azure P1/P2 licensing to allow the use of conditional access to prevent sign-ins from risky locations, untrusted countries, etc.
If you would like to find out more about Cybersecurity and how Lineal can help protect your business please contact us.