Having a member of your team log in from an IP address in San Diego and an hour later from an IP address in New York City should raise a red flag. This scenario is known as “impossible travel”; there’s no physical way to get from Point A to Point B in the time allotted.
Many systems are now using Impossible Travel to help catch Business Email Compromise.
Unfortunately, cyber criminals have noticed these measures and are implementing countermeasures; especially those in Asia and Eastern Europe.
By utilizing services that “rent” millions of residential IP addresses across the globe, there’s a good chance the criminal can pick one close enough to their target to not trigger Impossible Travel.
Takeaways:
Make sure Multifactor Authentication is enabled on all email accounts.
Provide effective security awareness training to help your Team identify Credential Harvesting attacks. Prevention vs. Cure.
Defense in depth is a good idea. The more hoops you can make an attacker jump through, the better.
Creative criminals are always looking for ways around your defenses. And if they can create a service they can rent to other criminals, so much the better for them.
Source: Microsoft
Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.
Comments