Hi [[ session.user.profile.firstName ]]

Panel: Email Fraud - the Ins & Outs of Business Email and Account Compromise

Business Email Compromise (BEC) and Email Account Compromise (EAC) scams have cost the victimized businesses over $26 billion since 2016. What BEC and EAC have in common is that they target people, rely on social engineering, and are designed to solicit fraudulent wire transfers or payment. Unlike malware attack, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.

Join our guest panel as these security experts discuss their experiences with the changing landscapes of BEC and EAC, the use cases of their email security approach, and how success was measured. In this webinar, we'll explore:

- The full scope of the problem: where the attacks are coming from and how people are being targeted
- The challenges faced when addressing BEC and EAC and how to overcome them
- Lessons learned and how companies can better defend against BEC and EAC

*This session is eligible for one CPE credit with ISC(2). To claim your credit, please submit our online form here: https://go.proofpoint.com/webinars-submit-cpe-credit
Recorded May 11 2020 55 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jake Gordon, Rich Wegner, and Scot Lymer from various companies
Presentation preview: Panel: Email Fraud - the Ins & Outs of Business Email and Account Compromise

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How to Navigate Insider Risk: Top Tips from Gartner's Market Guide May 11 2021 9:00 am UTC 60 mins
    Brian Reed, Cybersecurity Evangelist and Rob Bolton, Sr Director Intl, Proofpoint
    Insider threats may initially appear to be just like any other threat, but the big difference is that insiders are in a position of trust. So how do you deal with these malicious or accidental threats that come from people within the organisation?

    Watch Proofpoint’s experts Brian Reed, Cybersecurity Evangelist and Rob Bolton, Sr Director Intl, as they discuss the top tips from Gartner’s new report on Market Guide for Insider Risk Management Solutions. You will learn:

    - The “Rule of Three” for insider threats (including threat types, threat activities, and mitigation goals)
    - How to employ an insider threat mitigation program comprising people, processes, and technology
    - Considerations when purchasing insider risk management technology

    Discover what you need to know about insider threats, how to protect your organisation and navigate these risks.
  • The Cost of Cloud Compromise and Shadow IT May 5 2021 5:00 pm UTC 60 mins
    Larry Ponemon, Ponemon Institute and Itir Clarke, Proofpoint
    With the increased use of SaaS applications, cloud account takeover and Shadow IT present an increasing security risk to organizations. As the network perimeter is replaced by a user-defined security perimeter, it becomes critical to evaluate access controls, threat detection and data security in the cloud. So how can you better protect your company?

    Join us for this special webinar with experts from Proofpoint and Ponemon Institute. They will discuss the findings of the newly conducted research among IT and security professionals to determine the risk and cost of cloud account takeovers and Shadow IT.
    In this session, we’ll cover:
    • The state of cloud usage in organizations
    • Security risks and practices to secure the cloud
    • Cloud compromises and the end user risk
    • The cost of compromised cloud accounts
  • In the Bullseye: Healthcare and Email Threat Vectors Apr 27 2021 5:00 pm UTC 60 mins
    Ryan Witt, Proofpoint; John Carnes, Anthem; Shelly Epps, Duke Health; Brandon Dunlap, Moderator
    Threat actors are targeting individuals in the Healthcare industry and using email as their main entry point for cyber attacks. These attacks are aimed at specific people in an organization to steal money, data or sensitive healthcare information. Threat actors can gain access to legitimate mailboxes using tactics such as phishing, malware or social engineering to impersonate the victim. This leads to further infiltration into an enterprise system. What can those in the healthcare industry do to combat this targeting by cyber criminals? Join Proofpoint and (ISC)2 on April 27th at 1 pm ET / 10 am PT for a panel discussion focusing on email compromise/account takeovers and best practices for dealing with these threats in healthcare.
  • The State of the Phish: A Look at User Awareness, Vulnerability and Resilience Apr 20 2021 9:30 am UTC 30 mins
    Andy Rose, Resident CISO and Matt Cooke Cybersecurity Specialist
    As the global pandemic enters its second year, IT and infosec teams continue to face challenges on all sides. On top of “ordinary” cybersecurity issues, they’re dealing with an explosion of pandemic-themed phishing scams and a surge in ransomware attacks. How well prepared are users?

    Join us as we cover the findings of Proofpoint’s 7th annual State of the Phish report which delivers actionable insights resulting from: a global survey of 3,500 professionals across over 6 countries; analysis of over 60 million simulated phishing attacks and over 15 million suspect emails reported via the Proofpoint’s PhishAlarm.
    In this 30 minute session, we will dive into:

    - The end-user awareness and knowledge gaps that could be negatively impacting your defences
    - What infosec professionals are experiencing as a result of phishing attacks and ways they’re attempting to combat these threats
    - The best practices for delivering phishing awareness training and success tracking

    Attendees will receive a copy of Proofpoint’s 7th annual State of the Phish report
  • Security Awareness Excellence: The Tip of the Iceberg Apr 16 2021 1:00 pm UTC 45 mins
    Mike Bailey Senior PMM, Security Awareness & Brian Reed, Cybersecurity Strategy, Proofpoint
    You’ve sent out the phishing simulations. Assigned the appropriate training. Worked hard to get the word out about your program. Is it enough? Or just the tip of the iceberg?

    With security awareness, what you don’t know can hurt you. If you don’t know which users are being targeted by attackers, how can you protect them? If you don’t know users who are “click happy” with real malicious messages, how can you reduce your risk?

    Join us for a paradigm-shifting conversation on how “new-school” security awareness isn’t enough to address real people-centric risk.

    We’ll cover:

    - Ensuring a laser-focused approach to maximize your risk reduction
    - How metrics like click rate and reporting rate factor into your program
    - Engaging users to make them part of the IT security team
  • Live Demo: How to Use Supervision Technology to Mitigate Risk Recorded: Apr 15 2021 29 mins
    Robert Kreuscher, Senior Sales Engineer, John Pepe, Market Development Principal, Shawn Aquino, Sr. PMM, Proofpoint
    Monitoring digital communications has long been a standard practice for highly regulated organizations to ensure that they meet compliance standards.

    But what are other use cases for supervision?

    Watch our 30-minute live demo to learn how you can utilize supervision technology to mitigate conduct risk in broad areas of exposure, such as toxic workplace, mergers and acquisitions, and brand reputation. We’ll cover how to:

    · Monitor for infractions and post-event investigations
    · Identify major potential risks, including high-risk individuals and view violation trends over time
    · Use analytics tools to understand the deeper context and inter-relationships of communications
  • Live Demo: Identify, Report & Prevent Phishing with Security Awareness Training Recorded: Apr 14 2021 33 mins
    Karl Hart, Account Executive, Proofpoint, Inc.
    99% of the phishing attacks require human interaction to succeed, potentially exposing your organization to email fraud, ransomware, data loss and breaches.

    Educate your users and reduce your phishing risk through Proofpoint’s industry-leading security awareness solution. Backed by threat intelligence, Proofpoint’s Security Awareness Training ensures you are delivering the right training, to the right people, and at the right time.

    Watch our 30-minute live demo to learn how to:

    - Prepare users for new attacks by leveraging threat intelligence to continuously understand which people and what threats are targeting your organization
    - Assess your users’ susceptibility to phishing attacks and social engineering
    - Drive behavior change by turning your users into security assets with engaging, relevant and entertaining training
  • Live Demo: Prevent Phishing Attacks with Proofpoint Threat Protection Platform Recorded: Apr 8 2021 32 mins
    Brett Shaw, Senior Product Marketing Manager, Proofpoint, Ken Greene, Senior Sales Engineer, Proofpoint
    Over 90% of breaches start with attacks targeting people via email. Whether it’s malware, credential phishing or email fraud, organizations need a comprehensive layered solution to protect against these attacks.

    Watch Proofpoint’s expert for a demo on how you can protect your people against the ever-changing threat landscape by providing visibility, risk reduction and operational efficiency with Proofpoint’s Threat Protection Platform.

    We cover:

    - How threat actors are leveraging email and cloud together to target your users
    - How the platform provides visibility into your biggest risk: your people
    - How Proofpoint helps mitigate risk and drives operation efficiency
  • Phishing's Massive Impact: A Discussion Recorded: Apr 7 2021 102 mins
    Sam Masiello, Ciso, Gates Corp, Mark Guntrip, Product Director, Proofpoint, Daniel Greene, Esq., Attorney, Beckage PLLC
    Phishing attacks have a negative and costly impact on organizations. IT professionals find themselves spending time on resolving potentially malicious messages and abuse mailboxes, resulting in user downtime. With attacks like credential theft, ransomware, and business email compromise (BEC) increasing, and the added complication of people working from home, it's time for a new preventative approach. There is no silver bullet, so it is essential for organizations to take a multi-pronged approach to address this problem. Watch our panel of experts discuss:

    • Strategies for an integrated approach to phishing
    • Finding and balancing the right controls
    • Best practices for reducing risk and cutting costs
  • Live Demo: How to Protect Your Cloud Users and Data Recorded: Apr 7 2021 31 mins
    Amish Kohli, Cloud Security Solutions Architect, Proofpoint
    52% of organizations have compromised cloud accounts, resulting in data loss, wire fraud, spam and more. Companies need to monitor cloud usage, mitigate account takeover and govern cloud apps to protect sensitive data. So how can you achieve this?

    Watch our demo of Proofpoint’s Cloud Access Security Broker (CASB) to see how you can protect your users from cloud threats and safeguard sensitive data while staying compliant.

    We cover how you can:

    - Understand the cloud threats facing your organization and users by leveraging Proofpoint’s threat intelligence
    - Discover sensitive data in cloud apps and mitigate data security risks
    - Control access to cloud apps and data for unmanaged devices
  • Live Demo: FOIA Requests & Investigations Made Easy Recorded: Mar 31 2021 32 mins
    Shannon Smith, Archiving Sales Specialist, Proofpoint, Frank Beck, Senior Sales Engineer, Proofpoint
    State and local governments find it difficult, and often costly, to access, review and deliver data to requesting internal and external parties. Learn how to leverage Proofpoint’s technology to thoroughly conduct investigations, quickly respond to public information requests, and ensure that data is being preserved in accordance with preservation obligations.

    Watch our 30-minute live demo where you will learn how Proofpoint’s eDiscovery platform:

    - Centralizes and manages dozens of data types
    - Provides advanced search features to locate relevant information
    - Delivers collaboration and export functionality to get data to the individuals that require it
  • Live Demo: Prevent Phishing Attacks with Security Awareness Training Recorded: Mar 30 2021 29 mins
    David Kleppick, Enterprise Account Executive, Proofpoint
    99% of the phishing attacks Proofpoint observes require human interaction to succeed, resulting in malware installation, wire fraud, unwitting data disclosures, and more. Educate your staff and limit cyber attacks through Proofpoint’s industry-leading security awareness training. Backed by threat intelligence, Proofpoint’s Security Awareness Training ensures you are delivering the right training, to the right people, and at the right time.

    Watch our live demo to learn how to:

    - Understand the threats facing your organization and users by leveraging Proofpoint’s Threat Intelligence
    - Assess your users’ susceptibility to phishing attacks and other threats
    - Drive behavior change, turning your users into security assets, through our engaging and entertaining training
  • Live Demo: Identify High-Risk Users & Protect Your Organization Recorded: Mar 25 2021 35 mins
    Sai Chavali, Sr. Product Marketing Manager, Proofpoint, Tony Kubinksi, Sr. Sales Engineer, Proofpoint
    Not all users are alike. Some will pose a higher risk to your organization than others. Managing insider threats starts with deciding which of your users pose the biggest risk – whether they’re employees, privileged users, contractors, third parties or supply chain partners.

    Watch our live demo to learn how to build a practical, technology-enabled insider threat management program to protect your data.

    In this 30-minute live demo, you will learn:

    - How to recognize high risk users with common use cases
    - Why context into user activity and data movement is key to identifying insider threats
    - Practical security tips to protect your organization from the loss of critical data and IP
  • Live Demo: How to Defend Against Supplier Account Compromise Recorded: Mar 24 2021 30 mins
    Sara Pan, Sr. Product Marketing Manager, Proofpoint, Mike Micolino, Sr. Sales Engineer, Proofpoint
    Attackers have turned supply chains into a highly effective new threat vector for launching indirect attacks. First, they compromise a supplier’s account, then they leverage the compromised account to send malware, steal credentials and perpetrate invoicing fraud. These threats often account for large financial losses and are extremely difficult to identify because they come from legitimate accounts. So how can you protect your company?

    Watch our 30-minute live demo to learn:

    - How supplier account compromise works
    - Examples of attacks being used today
    - How Proofpoint can help defend against this threat
  • Cloud Governance Best Practices - Featuring Forrester Research Recorded: Mar 23 2021 58 mins
    Itir Clarke, Senior Product Marketing Manager, Proofpoint, Andras Cser, VP, Principal Analyst, Forrester
    Information security processes developed for on-premises infrastructure have been network-centric and often fall short of mitigating the unique risks of cloud usage. Companies need a holistic cloud governance program that accounts for the diverse interests of the internal stakeholders and regulators as well as the risk profiles of your cloud users.

    Watch this special webinar with guest speaker Andras Cser, Vice President & Principal Analyst serving Security & Risk Professionals for Forrester Research, to discuss best practices for cloud governance and a people-centric approach to cloud security. We discuss:

    - Who is responsible for securing workloads in the cloud
    - The appropriate protections for cloud users, workloads, and data
    - Processes and tools you require as you migrate to the cloud
    - Examples of better security controls for cloud apps and services
  • How to Detect & Stop Email Fraud in Your Supply Chain​ Recorded: Mar 23 2021 46 mins
    Matt Cooke, CyberSecurity Specialist, Proofpoint
    Most companies depend on a variety of external vendors and partners to support their business. These interdependent relationships form a multi-faceted third-party ecosystem called the supply chain. Because of its complexity, the supply chain is an attractive target for cybercriminals.

    Where a scam targets the supply chain, the organisation will suffer substantial losses, both in time and money, in particular the subsequent costs to resolve the problem and repair the damage. Supply chain fraud attacks leverage both impersonation through Business Email Compromise (BEC) and Email Account Compromise (EAC). Has your organisation assessed the cybersecurity risks from your supply chain? How can you better protect your company?

    In this 30-mns insightful session, you will learn:

    - Real-world supply chain fraud examples
    - Grading risk in your suppliers
    - How to detect threats, including payroll diversion and supplier invoicing fraud
    - How to stop these multi-million-dollar email fraud attack
  • "Kill-Chain" & People-Centric IT Security Controls - Deutsches Webinar Recorded: Mar 23 2021 62 mins
    Markus Grüneberg, Resident CISO, IT Security & Data Privacy Advisor, & Oliver Adam. Senior System Engineer, Proofpoint
    Was hat die IT-Sicherheit mit einem Modell der militärischen Abwehr gemeinsam?
    Das Ziel, Angriffe direkt zu analysieren, zu strukturieren und in einzelne Schritte zu zerlegen, ist eine bewährte Methode des Militärs, um Angreifer rechtzeitig zu erkennen und ggf. unschädlich machen, bevor sie richtigen Schaden anrichten.
    APT-Attacken zeigen sehr häufig die gleichen militärischen Angriffsphasen. Werfen wir einen Blick auf eine aktuelle Kill-Chain* der wirkungsvollsten Angriffe.

    Behandelt wird das Verständnis, Angriffe aus dem Kontext heraus zu verstehen. Einige Angriffe sind beispielsweise in der Frühphase zu erkennen, während der Angreifer die Infrastruktur vorbereitet.

    Im Rahmen dieses Workshops wird u.a. ein ehem. Mitglied der Bundeswehr die Sicht des Angreifers einnehmen und in entsprechende Phasen einteilen. Von der Idee bis hin zur Monetarisierung:
    1) Aktuelle APT-Attacken – am Beispiel eines echten Angriffs aus dem August 2020 (inklusive Zeitstrahl und Einteilung in typische Angriffsphasen)
    2) People Centric Security – TTPs, IOCs & Controls auf Basis der einzelnen Angriffsphasen
    3) Very Attacked People (VAP) erkennen und schützen – mittels VAP-Scoring angegriffene Nutzer gruppieren und gewichten

    *In der IT-Sicherheit werden „Kill-Chains“ gerne genutzt, um Abläufe in Phasen einzuteilen. Am bekanntesten sind die Lockheed Martin Kill-Chain und das MITRE ATT&CK® Framework.

    Webinar auf Deutsch
  • 2021 State of the Phish Report Recorded: Mar 16 2021 32 mins
    Mark Guntrip, Group Product Marketing Director, Brian Reed, Product Evangelist, Mike Bailey, Sr. PMM
    Cyber criminals are taking a people-centric approach to phishing attacks. Is your organization taking a people-centric approach to phishing prevention?

    Watch our experts in this webinar covering the key points of Proofpoint’s seventh annual State of the Phish report. Our experts share actionable insights into the current state of the phishing threat and cover topics including:

    - The end-user awareness and knowledge gaps that could be negatively impacting your cybersecurity defenses
    - The impacts infosec professionals are experiencing as a result of phishing attacks and the ways they’re attempting to combat these threats
    - How organizations are delivering phishing awareness training, and the ways they measure program success
  • Cloud Security Threat - Cloud Monitoring and Breach Prevention Recorded: Mar 16 2021 55 mins
    James Johnson, Cloud Security Specialist, Proofpoint
    In this session we explore the threats associated with cloud security, breach monitoring and prevention. We also explore how organizations can protect themselves both from a denial of service, information leak, data theft.

    With all the limitations of traditional security architectures, we explain how a CASB with Unified Information Protection can achieve cloud & data security detection through to remediation.

    Significantly improving enterprise security, bridging the gap between cloud and information security.

    After this presentation, attendees will:
    - Understand the core principles of people-centric cloud security, and why it’s important to adopt them now.
    - How enterprises can achieve a unified, layered defence to cloud and resultant data impact issues.
    - Understand how their organization can adapt a people-centric cloud security strategy, integrating with and enhancing their infrastructure.
  • How to Navigate Insider Risk Recorded: Mar 15 2021 33 mins
    Brian Reed, Cyber Evangelist, Sai Chavali, Sr. PMM
    In a work-from-anywhere and data-is-everywhere world, security leaders are having to rethink their security programs to manage the risk of external attacks as well as manage the risk from within.

    Watch Proofpoint’s experts Brian Reed, Cyber Evangelist, and Sai Chavali, Sr. Product Marketing Manager, as they discuss how a people-centric approach will help you strengthen resilience and navigate insider risk.

    We'll cover:

    ● The 2020 Gartner Market Guide for Insider Risk Management Solutions
    ● The three main types of insider threat profiles and how to address each
    ● How to deploy an insider threat management program comprising people, processes, and technology

    *Gartner Market Guide for Insider Risk Management Solutions, Jonathan Care, Brent Predovich, Paul Furtado, 20 December 2020
Proofpoint is a leading cybersecurity company that protects organizations' greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, we help companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on us for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Panel: Email Fraud - the Ins & Outs of Business Email and Account Compromise
  • Live at: May 11 2020 5:25 pm
  • Presented by: Jake Gordon, Rich Wegner, and Scot Lymer from various companies
  • From:
Your email has been sent.
or close