sb-au logo
Story image

The way you write your emails could now stop BEC scams, thanks to AI

18 Apr 2018

The way people write their emails could be the new weapon that detects malicious email threats - and that’s exactly what Trend Micro is counting on.

The company will integrate writing style analysis into multiple products to protect users against Business Email Compromise (BEC) attacks.

Trend Micro Writing Style DNA is powered by artificial intelligence and will raise an alert when an email is suspected of impersonating an executive or a high-profile user.

The AI behind the technology is able to ‘blueprint’ a user’s style of writing by employing more than 7000 writing style characteristics. If an email is suspected to be a BEC, it is compared to the trained AI model. A warning is sent to the implied sender, the recipient, and the IT department.

“Writing Style DNA provides authorship analysis to complement existing AI inspection layers that focus on email intent and attacker behaviours by checking info in the email header and the email content,” the company explains.

“In doing so, it's able to spot attackers who hijack legitimate domains/accounts to circumvent traditional filters. Executives can also provide feedback on the flagged emails to improve detection and reduce false positives.”

The technology may be well-received in the cybersecurity industry – Trend Micro believes the total losses from BEC scams will hit $9 billion in 2018.

Wire transfers or requests for sensitive data are some of the most common attacks. They impersonate the CEO, president or managing director of a company. Because they do not have an email attachment or URL link, they are often hard to detect, Trend Micro says.

According to Osterman Research spokesperson Michael Osterman, this is the first time he has seen email writing style analysis applied to cybersecurity.

"This is a compelling demonstration of AI being used for essential cybersecurity protection against today's most financially impactful attack vector – email,” he explains.

Trend Micro CEO Eva Chen adds that AI-powered protection that uses machine learning and expert rules is a requirement for battling the future threat landscape.

"This new capability is the perfect complement to our existing email security as well as the free phishing simulation and awareness service we're making available to businesses. In a world of increasingly sophisticated and financially damaging email fraud, multiple layers are needed to put organizations back on the offensive,” Chen continues.

Writing Style DNA will be released in June 2018 on Cloud App Security (CAS) for Microsoft Office 365 and ScanMail for Microsoft Exchange (SMEX), and will be included with existing BEC protections at no extra cost. The beta period started mid-March (for SMEX) and the beginning of April (for CAS).

Link image
How a metrics-driven mindset can enable DevOps at enterprise scale
Here's how to enable dev teams to deploy higher-quality software and create reporting standards that clearly communicate software performance.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
The importance of selecting a secure SD-WAN solution
It’s essential to adopt a secure SD-WAN solution to avoid the risks that an unsecured SD-WAN solution can introduce, writes Wavelink managing director Ilan Rubin.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Trend Micro receives AWS Outposts Ready designation
rend Micro solutions are now fully and demonstrably capable of integrating with Outposts deployments.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More