Business email compromise (BEC), spear phishing, and account takeover are today's top email threats. These hyper-targeted attacks trick employees into making costly mistakes. Barracuda combines artificial intelligence and deep integration with Microsoft Office 365 to provide a comprehensive cloud-based solution that guards against these potentially devastating attacks.
Deploy AI-driven security
Barracuda's unique API-based architecture lets its AI engine study historical email and learn users’ unique communication patterns to create an identity graph of each user. It can then identify anomalies in message metadata and content, to find and block socially engineered attacks in real time. This approach, based on historical patterns, is far more accurate than traditional policy based strategies for detecting socially engineered and accounttakeover attacks.
Stop account takeover and lateral phishing
Account takeover lets hackers secretly study their target and plan their attack. Gateway defenses never see the internal attacks that are launched from these compromised accounts, so they can't detect them. Barracuda stops phishing attacks used to harvest credentials for account takeover. It detects anomalous email behavior and alerts IT, then finds and removes all fraudulent emails sent from compromised accounts.
Find what’s hiding in your inbox.
It’s critical to assess and understand your email security vulnerabilities. Using artificial intelligence and API integration with Office 365, the Barracuda Email Threat Scanner is a free tool you can use to find social engineering attacks currently sitting in your mailboxes. Once identified, quickly eliminate existing threats with Barracuda Email Protection, before users are able to interact with them.
Detect threats that email gateways can’t.
Email attacks have been increasing in their complexity and ability to evade traditional defenses. Phishing and impersonation attacks use customized social engineering tactics to trick your email users into providing credentials, paying an invoice, or sharing sensitive documents. Barracuda outsmarts these targeted attacks by recognizing the malicious intent of these messages. Barracuda phishing and impersonation protection works silently in the background to block attacks from reaching their intended targets.
Brand impersonation
Barracuda stops attacks that impersonate well-known brands using high-reputation links to avoid detection.
Business email compromise
Barracuda stops business email compromise and CEO fraud from reaching its intended recipient.
Conversation hijacking
Barracuda stops attempted conversation hijacking and vendor impersonation that can lead to substantial monetary losses.
Stop spear-phishing attacks with AI-driven inbox security.
Barracuda combines an email gateway with direct API integration into your Office 365 environment. This integration provides visibility into internal, external, and historical email communication for every individual in the organization. Barracuda’s artificial intelligence (AI) uses these messages to learn communication patterns within the company and between employees. The API architecture enables the phishing and impersonation protection to identify and block attacks in real time, with no impact on email or network performance.
Identify impersonation attempts before they reach your users.
Barracuda AI uses the metadata from internal, external, and historical emails to create an identity graph for each Office 365 user. The identity graph uses email addresses, document types, names used, natural language analysis (NLP), and other data that define the unique communication patterns of an individual. These learned patterns allow Barracuda to identify behavioral, content, and link-forwarding anomalies in your company’s email communications. This real-time protection secures your inbox from spear phishing, business email compromise, lateral phishing, and other targeted threats.
Remove malicious messages and impersonation attempts in real time.
Barracuda Phishing and Impersonation Protection is unique in that it is continuously hunting for threats and automatically secures the inbox upon threat detection. When an unusual or malicious email is found, it is removed from the inbox before the user can interact with the message. Remediation is done in real time, with notification alerts sent to both users and IT administrators.
Features:
AI for impersonation protection
Prevent spear phishing
Barracuda can automatically detect and prevent spear-phishing attacks that evade traditional email security systems. Barracuda’s AI engine learns each organization's unique communication patterns and leverages these patterns to identify anomalies and quarantine spear-phishing attacks in real time.
Prevent BEC and CEO fraud
Barracuda automatically quarantines business email compromise attacks by detecting anomalies in the email header, as well as the content of the email. The AI does not require any manual rules or user setup and can detect any type of BEC attack automatically from day one.
Detect employee impersonation
Barracuda can detect any type of employee impersonation, including impersonation of executives, as well as mid- and low-level employees. It can detect spoofed emails, typosquatted domains, and impersonation emails sent from free or personal email clients.
Stop zero-day phishing
By discovering anomalous communication patterns within the body of the email, the link, or the email header, Barracuda can stop zero-day phishing attacks that evade other email security systems. It can detect any type of zero-day phishing attacks, including links leading to a fake sign-in page, as well as links to malicious websites.
Detect web impersonation
Barracuda has been trained to recognize and automatically quarantine phishing emails that impersonate web services, such as Microsoft Outlook, Docusign, and Dropbox. The Barracuda AI can prevent web impersonations, even when they use deceptive characters or zero-day links.
Stop inbound spoofing
Barracuda automatically stops attacks that impersonate employees by spoofing their email address. The AI engine recognizes the anomalies in spoofing emails and quarantines them.
AI determines employee risk
Barracuda AI can automatically predict which employees are likely to be targeted by spear-phishing attacks, based on their role and their day-to-day access to sensitive information.
Continuous learning
Customers can report false positives and missed attacks to Barracuda, which are used to retrain the AI classifiers. This enables the AI to continuously improve its precision and adapt its detection capabilities.
Exportable reports
The raw data from the AI detections can be exported to a CSV file.
Flexible API-based deployment
Lightweight architecture
Barracuda Impersonation Protection uses Office 365 APIs to connect directly to your environment. The APIs allow the AI to both learn customer historical communication patterns, as well as detect and quarantine emails in real time. It’s a cloud-based SaaS solution that requires no maintenance or installation.
Instant setup
You can set up Barracuda’s impersonation protection in 1 minute by simply signing up and connecting it to your Office 365 tenant. No need to change your MX records or install any software.
Works with any gateway
The API architecture allows impersonation protection to work alongside any existing gateway-based email security solution as a last layer of defense for targeted attacks.
Historical assessment
The Barracuda AI engine can be applied to historical emails, using the Email Threat Scanner for Office 365. This allows customers to generate a free email-risk report to see what types attacks are not being stopped by their existing systems, understand the value that can provide, and provide ROI for senior executives. The Email Threat Scanner for Office 365 takes two minutes to set up and is completely free.
Plans:
Phishing and Impersonation Protection is included as part of Barracuda Email Protection Advanced, Premium and Premium Plus. Find the plan that’s right for you.
Combine email gateway and artificial intelligence to block threats.
Ensure protection against all 13 email threat types.
Automate post-delivery threat hunting and response.
Includes everything from Premium.
Improve user security awareness.
Protect and restore your Office 365 data.
Discover sensitive data and undetected stored malware.
Demonstrate compliance with regulatory requirements.
Capabilities
Advanced
Premium
Premium Plus
Spam and Malware Protection Identify and block spam, viruses, and malware delivered via email messages. Using virus scanning, spam scoring, real-time intent analysis, URL link protection, reputation checks, and other techniques, Barracuda scans email messages and files.
Attachment Protection Barracuda combines behavioral, heuristic, and sandboxing technologies to protect against zero-hour and targeted attacks. A sandbox environment is used to detonate and observe behavior of suspicious attachments.
Link Protection Link Protection automatically rewrites URLs so that Barracuda can sandbox the request at click time to block malicious links.
Email Continuity In the event of a mail server outage or loss of connectivity, an emergency mailbox lets users continue to send and receive emails, staying productive until your primary servers are back online.
Email Encryption Secures your mail by encrypting it during transport to the Barracuda Message Center, encrypting it at rest for storage in the cloud, and providing secure retrieval by your recipients through HTTPS web access. Create a policy to automatically encrypt emails based on their sender, content, and other criteria.
Data Loss Prevention Create and enforce content policies to prevent sensitive data, including credit card numbers, Social Security numbers, HIPAA data, customer lists, and other private information, from being sent by email. Policies can automatically encrypt, quarantine, or block certain outbound emails based on their content, sender, or recipient.
Phishing and Impersonation Protection Automatically detect and prevent impersonation, business email compromise, and other targeted attacks. Barracuda’s AI engine learns each organization's unique communication patterns and leverages these patterns to identify anomalies and prevent socially engineered attacks in real time.
Account Takeover Protection Stop phishing attacks used to harvest credentials for account takeover. AI detects anomalous email behavior and alerts IT, then finds and removes all fraud emails sent from compromised accounts.
Automatic Remediation All user-reported messages are automatically scanned for malicious URLs or attachments. When a threat is detected, all matching emails are automatically moved from users' mailboxes into their junk folders.
Threat Hunting and Response Quickly identify and efficiently remediate post-delivery threats by automating investigative workflows and enabling direct removal of malicious emails.
Automated Workflows Build custom playbooks to completely automate your incident response process. Admins at any technical level can create a workflow by defining a trigger, determining conditions, and assigning the desired actions through a simple user interface.
SIEM/SOAR/XDR Integration Orchestrate incident response cross-product with RESTful API (beta) and syslog integrations. Remotely administer and configure incident response capabilities and store your event data for tracking, analysis, and troubleshooting.
Domain Fraud Protection Prevent email domain fraud with DMARC reporting and analysis. Barracuda provides granular visibility and analysis of DMARC reports and helps you minimize false positives, protect legitimate email, and prevent spoofing.
DNS Filtering Protect users from accessing malicious web content with advanced DNS and URL filtering.
Cloud Archiving A cloud-based, indexed archive allows for granular retention policies, extensive search, role-based auditing/permissions, legal hold, and export. Easily comply with e-discovery requests and regulatory or policy-retention requirements.
Cloud-to-Cloud Backup Get data protection and cloud backup for Office 365 data, including Exchange Online mailboxes, SharePoint Online, OneDrive for Business, and Teams. Fast point-in-time recovery in the event of accidental or malicious deletion.
Data Inspector Automatically scan your OneDrive for Business and SharePoint data for sensitive information and malicious files containing malware. Use it to develop policies that comply with GDPR, CCPA, and other data privacy regulations.
Attack Simulation Simulated phishing attacks are constantly updated to reflect the most recent and most common threats. Simulations are not limited to email, but also include voice, SMS, and portable-media (USB stick) attacks.
Security Awareness Training Get access to advanced, automated education technology that includes simulation-based training, continuous testing, powerful reporting for administrators, and active incident-response awareness.
