PRE-Crime™ targeted attack defense preemptively detects the most sophisticated in-progress Business Email Compromise (BEC) attacks targeting you, your suppliers and your clients, preventing the cybercrime.
BEC attacks are a specific type of “phishing” attack that relies on targeting specific people within organizations. Attackers seek monetary payment as a direct outcome, and types of BEC attacks include (but are not limited to) diverting payment on a valid invoice to a fraudulent bank account, submitting a fake invoice for payment, among others.
This article focuses on how to read the information contained in the various Pre-Crime reports.
Pre-Crime Reports are designed to provide maximum forensic insights while also including business-interesting information for “green” zone (low risk) insights about the lifecycle of your messages sent.
Active Tracker reports will only be triggered for green zones, while Eavesdropping reports will be triggered for yellow and red zones.
Example of an Active Tracker report
Example of an Eavesdropping report
The report clearly indicates the security level (red, yellow or green) of the email open zone that triggered the notification, the number of opens, number of locations where your company’s email was viewed, and a world map highlighting the geographic location where the open took place.
The report then lists all activities with your email, timestamped, per geo location and IP address, plus the geo location risk level.
Lastly, the email provides the original message details like original recipient, original sender (in the admin report), sent time and transaction ID, and includes a deep forensic meta data record in case IT security needs to do further investigation on a particular message.