RMail Advanced Analytical AI Unveils the Shadows of Cybercrime Within Your Networks, Documents, and Inboxes

November 17, 2023 / in Blog / by Zafar Khan, RPost CEO

Cybercriminals are using AI to be smarter in defeating you. You need to use AI to be smarter in detecting them.

If you’ve used the internet for anything, you’ve probably been faced with CAPTCHA, otherwise known as the Completely Automated Public Turing test to tell Computers and Humans Apart. It is a type of security measure known as challenge-response authentication that ostensibly protects you from bots trying to repeatedly break into your password-protected accounts.

You know the drill: You really need to find out if that deposit hit your bank account, but now you must pick which of 9 images contain bicycles in them. Suddenly, you must determine if the bike rack or the traffic light counts. And what about the pole holding up the traffic light? Do mopeds count as bicycles for CAPTCHA purposes? All this to determine if you’re in fact a human being. It’s a bit insulting.

But, hey, if this stops bots from hacking my bank account, it may well be worth it. However, there’s actually more going on here. Google (CAPTCHA’s owner) is also using the system to figure out what an average human mind would consider a bicycle (or bus, or mountain, or fire hydrant) and remember this so that it can be replicated as a test for humans.

That’s right. Every time you try to log in to any site with CAPTCHA, you’re helping Google train machines to recognize images as we do. So, we’re all just living in one big AI experiment where billions of human, tissue-based brains are training billions of silicon-infused computer chip neural networks.

Unfortunately, cybercriminals are already benefiting from all this training and will continue to use AI to become more sophisticated. Just get a machine to figure out how a human WOULD respond to an image or puzzle-based challenge along with some newly acquired (via email eavesdropping) login and password credentials, and they’re off to the races.

Thus, we need to get more sophisticated in not only the security to prevent access, but also in the security to DETECT access. ENTER RMail AI and Email Eavesdropping™ detection service, which uses advanced analytical AI to DETECT not if (we know it will happen) but when and where there are cybercriminals lurking INSIDE our networks, documents, and email inboxes.

Email compromise lures begin with cybercriminals targeting their victims by eavesdropping on emails from sender to recipient, to siphon off email, analyze it, copy it with slight modifications (e.g., payment instructions), and then pivot replies so they route in a loop back to the cybercriminal.

As an example of the cost of an email account inside a company being compromised by cybercriminals, manufacturer Mountain Crane recently had hackers take control of an email account belonging to an employee. The hackers then provided access to a cybercriminal gang that specializes in Business Email Compromise cybercriminal trickery. The gang then used their access to the email account to send an invoice totaling $1.75 million to one of the company’s customers, wind turbine giant Nordex.

Since the cybercriminals had access to the email account, they knew the details to put into the invoice (product names, pricing, payment terms, normal invoice format, but with an alternate bank payment account) so that it lured the invoice recipient into unwittingly paying the impostor invoice to the cybercriminal gang account. In this instance, Nordex paid the cybercriminal gang the first tranche of the invoice, over $800,000. Some portions of these funds rather mysteriously were later detected in a Nigerian bank account.

When RMail identifies unusual activity patterns, like in the situation with Mountain Crane, it will report to the account owner that the email account appears to be compromised, and the back-and-forth emails related to the fake invoice would then trigger an alert that they were being eavesdropped on or masterfully crafted by cybercriminals. RMail AI would, in this case, have generated an Email Eavesdropping™ red alert.

With Email Eavesdropping™ alerts, every email sent out of the organization has every activity associated with it analyzed forensically and for a period of time. These alerts include all the email forensics so that IT security specialists can validate and take immediate action before the cybercriminal lures users into mis-wiring money to the criminal’s bank.

This is why IDC rated RPost a worldwide leader and Aragon Research named RPost Hot Vendor of the Year for DTM. If you’re not up for perusing these reports, then please feel free to contact us to learn more about RMail AI and Email Eavesdropping™ detection service.