#RPWT Sydney London São Paulo Chicago New York San Francisco Los Angeles Paris

Using Return Path Data to Protect Your Brand: Security Breakout Session - Sao Paulo



15:00 - 15:20  Welcome and introduction
15:20 - 15:50  Little Data, Big Decisions: Keynote. Meaning from the data. Direction for the business.
15:50 - 16:40  Using Return Path data to protect your brand
16:40 - 17:10  Coffee Break
17:10 - 17:40  Using Return Path data to promote your brand
17:40 - 18:00  Real data, real results: Panel & client awards (Top 5 Clients award)
18:00 - 20:00  Networking cocktail

Speakers:
Matt Blumberg, Chief Executive Officer, Return Path
Miranda Reeves, VP of Solutions Management, Return Path
Brian Westnedge, Director, Client Services, Return Path
Louis Bucciarelli, Regional Director LATAM, Return Path
Bruno Motta Rego, InfoSec Director, CISSP CSSLP
Eliane Iwasaki, Marketing Director LATAM, Return Path
Rodrigo Mesquita, Account Director, Return Path

Need to update for each location.

Brian Westnedge, Return Path, Senior Director, Client Services

@bwestnedge


Using Return Path Data to Protect Your Brand
Brian Westnedge, Sr. Director, Client Services, Email Fraud Protection
@bwestnedge

Agenda
- Email fraud trends and impact
- The power of data: email threat intelligence (The Return Path Data Cloud; Tactics used by cybercriminals today)
- Unite against email fraud: tips for defending your customers, brand, and bottom line

Email Fraud Trends & Impact

Email Delivers Business Value: Increases Customer Loyalty; Boosts Revenue; Reduces Operating Costs

Value to businesses: Email is a very valuable marketing medium for businesses for all of the above reasons (low cost, effectiveness, scale, format), but it's also effective for fraudsters for the same reasons.


But Its Impact Is Being Eroded
5 out of 6 big companies are targeted with phishing attacks.
Phishing costs brands worldwide $4.5 billion each year.
RSA identifies a phishing attack every minute.
Email fraud has up to a 45% conversion rate.
Source: http://www.emc.com/emc-plus/rsa-thought-leadership/online-fraud/index.htm

Every day, beyond your control, cybercriminals send emails that spoof your brand, targeting your customers, partners, and suppliers with malicious content. Email fraud continues to grow (50% YOY growth in volume of email attacks based on APWG data) and, in spite of the recent shutdowns of larger botnets, phishing shows no sign yet of abating, with more than 400 brands phished each month (Anti-Phishing Working Group).

Two biggest trends: an increase in the volume of attacks and an increase in the sophistication.


Phishing Leads To Unwanted Media Attention

Phishing is an old problem, and it's not going away, so let's look at the way it is impacting businesses today.

#1 Phishing is Making Headlines and Is Destroying Reputations
Some of the most respected brands out there are making the headlines: Amazon, Home Depot, Booking.com and, more recently, US health insurer giant Anthem.


Phishing Leads To Remediation Costs: Fraud Losses; Malware Infection; Investigation; Remediation

#2 Phishing Is Losing Companies Millions in hard costs:
Fraud losses
Malware infection (secondary damages/losses)
Investigation
Remediation


Phishing Leads To Revenue Losses
Reduced trust in brand: Subscribers don't know what to trust
Reduced effectiveness of email: ISPs don't know what to trust

Customers are 42% less likely to interact with a brand after being phished or spoofed.

#3 Phishing is Impacting Revenue. Email fraud has a dramatic impact on the trust your customers have in your brand. It also reduces the effectiveness of email that is legitimate. A great data point from Cloudmark here: customers are 42% less likely to interact with a brand after being phished or spoofed.

So, we all recognise that it's an old problem and most of us know that it hurts our business. And yet many companies we speak to still struggle to justify investment in solutions, leaving their brands and their customers vulnerable. I believe that's because, in the first place, measuring the impact is difficult: tying fraud losses and expenses back to specific activities is difficult and quantifying the value of brand integrity has always proved elusive.

Okay, so let's talk now about solving the problem. Prior to working at Return Path, I worked in the brand & fraud protection industry for 10 years. And, during those 10 years, I watched the evolution and growth of the problem space and observed the stagnation of innovation.

"If you boil the jobs of IT security professionals down, they are ultimately tasked with protecting the brand. If you have a breach, research suggests that 60% of your customers will think about moving and 30% actually do."
Bryan Littlefair, Global Chief Information Security Officer, Aviva

Here is a great quote from Aviva's CISO Bryan Littlefair on why it is the CISO's responsibility to protect the brand, in collaboration with Marketing.

Source: Spam and Phishing in the First Quarter of 2015, Kaspersky

Geography of phishing attacks, Q1 2015. Top 10 countries by percentage of users attacked (Brazil tops the most-phished country list):

Rank  Country      % of users
1     Brazil       18.28
2     India        17.73
3     China        14.92
4     Kazakhstan   11.68
5     Russia       11.62
6     UAE          11.61
7     Australia    11.18
8     France       10.93
9     Canada       10.66
10    Malaysia     10.4

Can You Spot a Spoof?

From: [email protected]

From: PayPal

Can you spot the spoof? (Chances are you can.) Now... are you confident YOUR CUSTOMERS can?

The simple answer is NO. So this is why it is critical that you use the right data to shine a light on all the types of email threats that are targeting your brand today.

Anatomy Of A Phishing Email
To: You
From: Phishing Company
Subject: Unauthorized login attempt

Dear Customer,

We have recieved noticed that you have recently attempted to login to your account from an unauthorized device.

As a saftey measure, please visit the link below to update your login details now:

http://www.phishingemail.com/updatedetails.asp

Once you have updated your details your account will be secure from further unauthorized login attempts.

Thanks,
The Phishing Team
1 attachment

Callouts on the sample message:
- Making an email look legitimate by spoofing the company name in the Display Name field.
- Tricking email servers into delivering the email to the inbox by spoofing the envelope-from address hidden in the technical header of the email.
- Including logos, company terms, and urgent language in the body of the email.
- Making an email appear to come from a brand by using a legitimate company domain, or a domain that looks like it, in the From field.
- Creating convincing subject lines to drive recipients to open the message.
- Including links to malicious websites that prompt users to give up credentials.
- Including attachments containing malicious content.

If you have to explain to marketing... graphic to use security and tech. See that as aware when comes to email look at points they can hit on in order to break through. Not just Friendly From, different ways to use email. What highlighting here.

Fits with email advantages email slide...

97% of people globally cannot correctly identify a sophisticated phishing email. And there is a plethora of ways fraudsters can spoof your identity.

Email Fraud: Primary Attack Vectors
Domain Spoofing (from domains owned by the brand)
Brand Spoofing (from domains outside the brand's control)

[email protected]

[email protected]

Fraudsters will target your brand in two ways: by spoofing your domains, or by spoofing your brand in other ways. Both attack vectors are critical and you need visibility into all attacks, which is why it is important to have access to the RIGHT data.

The Power of the Right Data

Show of hands: do you think that the majority of the email threats against your brand spoof domains under your control? In other words, what percentage of attacks come from a legitimate hsbc.com domain?

Only 30% of Attacks Spoof Your Domains
30% spoof your domain: Active Emailing Domains; Non-Sending Domains; Defensively-Registered Domains
70% spoof your brand in other ways: Cousin Domains; Display Name Spoofing; Subject Line Spoofing; Email Account Spoofing
Source: Return Path / APWG White Paper, 2014

We ran some primary research in Sept 2014, looking at 18 billion suspicious emails targeting 11 banks in the UK and the US. And what did we discover? 30% of the attacks came from an email address on a domain that was owned by the bank; that leaves 70% that were spoofed in some other way, like display name spoofing. This is REALLY relevant to our solution because we seek to address both: the 30% and the 70%.

We analysed 40 of the top global brands for a period of 2 months (July/August 2015) and looked at fraudulent emails coming from the 70% we covered here.

These are some of the tactics we were able to uncover thanks to email threat data:

1. Snowshoeing is still rife, and monitoring IP reputations needs to be part of a multi-faceted email fraud protection strategy.
2. Fraudsters do not go to the trouble of rotating elements of their subject lines, preferring a more template-based approach. Access to message-level data from email threat intelligence sources should help you prioritize your efforts around attack mitigation.
3. The most frequently spoofed Header From field is the Display Name, for which there is currently no authentication mechanism. Visibility into Display Name spoofing is critical in identifying and responding to phishing attacks leveraging your brand.
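To make the 30/70 split concrete, here is an added example (not Return Path's code) that sorts constructed From headers and subjects into the categories named on these slides: exact-domain spoofing that a DMARC policy can block, cousin domains, display name spoofing, and subject line spoofing. The brand name, owned domains and sample headers are assumptions, and treating a brand string in the mailbox name of an unrelated address as "email account spoofing" is my reading of that slide label.

```python
# Added example, not Return Path's code: sort From headers (and subjects) into
# the attack-vector taxonomy from these slides. Brand, domains and samples are
# constructed; "email-account-spoofing" for a brand string in the local part of
# an unrelated address is an assumption about that slide label.
import re
from collections import Counter
from email.utils import parseaddr

BRAND = "examplebank"                                # constructed brand keyword
OWNED = {"examplebank.com", "mail.examplebank.com"}  # constructed owned domains

def _edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, to catch one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def _resembles_brand(text: str) -> bool:
    """True if any alphanumeric chunk contains the brand or is within two
    edits of it (catches 'examp1ebank', 'examplebank-secure', etc.)."""
    chunks = re.split(r"[^a-z0-9]+", text.lower())
    return any(c and (BRAND in c or _edit_distance(c, BRAND) <= 2) for c in chunks)

def classify(from_header: str, subject: str = "") -> str:
    """Map one From header (plus optional Subject) onto the slide taxonomy."""
    display, addr = parseaddr(from_header)
    local, _, domain = addr.lower().rpartition("@")
    if domain in OWNED:
        return "domain-spoofing"         # the 30%: a DMARC reject policy stops it
    if domain and _resembles_brand(domain):
        return "cousin-domain"           # lookalike domain the brand does not own
    if _resembles_brand(display):
        return "display-name-spoofing"   # brand only in the friendly name
    if _resembles_brand(local):
        return "email-account-spoofing"  # brand in the mailbox name elsewhere
    if _resembles_brand(subject):
        return "subject-line-spoofing"   # brand only in the subject
    return "unrelated"

# Constructed samples standing in for redacted message-level samples.
SAMPLES = [
    ("ExampleBank <alerts@examplebank.com>", "Unauthorized login attempt"),
    ("ExampleBank Security <no-reply@examp1ebank.com>", "Verify your account"),
    ("ExampleBank Support <support@mail-services.example.net>", "Account notice"),
    ("Customer Care <examplebank.alerts@freemail.example>", "Update details"),
    ("Billing <billing@unrelated.example>", "Your ExampleBank statement"),
]

def tally(samples=SAMPLES) -> dict:
    """Count samples per category: the DMARC-addressable share vs. the rest."""
    return dict(Counter(classify(hdr, subj) for hdr, subj in samples))

if __name__ == "__main__":
    for hdr, subj in SAMPLES:
        print(f"{classify(hdr, subj):24} {hdr}")
    print(tally())
```

Only the first sample is something a DMARC policy on the owned domain can reject; the other four need the message-level and display-name visibility the slides describe.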

Knowledge Is Your Best Defense
We know there is no silver bullet solution to combat the other 70% of email attacks.

But we also know the only way to build a comprehensive defense is through comprehensive understanding.

Data is the key to that understanding.

So what are we saying: well, at the risk of sounding obvious, knowledge is your best defense.

Breadth, Depth, and Speed

Contactually, Molto, Paribus, GetAirHelp, Message Finder, Unsubscriber, Organizer

With such a complex threat landscape, you need breadth, depth and speed when it comes to email threat intelligence, and this is what we mean by it: data from mailbox providers, data from security vendors, and data from consumer inboxes, to give you a complete picture of all the threats spoofing your domains (under your control) and your brand (outside your control).

EMAIL THREAT DATA: Consumer inbox data; Email delivery data; Authentication results; Message level data; SPAM trap & complaints data

EMAIL THREAT INTELLIGENCE: Domain-spoofing alerts; Brand-spoofing intelligence; Suspicious activity map; Fraudcaster URL feed; Sender Score: IP reputation

Powered by the Return Path Data Cloud, our proprietary email threat intelligence empowers you to identify threats beyond DMARC so you can respond to the 70% of email attacks spoofing your brand from domains that you do not control. We use over 100 data feeds from more than 70 providers to detect, classify and analyze data relating to over 6 billion emails every day.

Now imagine having this data available to your teams so you can detect, block and respond to email threats in real time.

Respond to the 70% of email attacks spoofing your brand from domains that you do not own. DMARC is a great first step, but it's not a complete solution, protecting your brand from only 30% of email threats. Powered by the Return Path Data Cloud, our proprietary email threat intelligence empowers you to identify threats beyond DMARC. We use over 100 data feeds from more than 70 mailbox and security providers to detect, classify and analyze data relating to over 5.5 billion emails every day.

With Email Threat Intelligence, you can:
- Get insight into email threats coming from domains that your company does not own (e.g. cousin domains, display name spoofing, subject line spoofing).
- View redacted message-level samples of fraudulent emails targeting your brand.
- Identify phishing URLs embedded in fraudulent emails and inform your takedown vendor(s).
- Integrate intelligence into your existing systems through a RESTful API.
- Manage all Email Governance and Email Threat Intelligence alerts from a single portal.

Unite Against Email Fraud

Tips for defending your customers, your brand, and your bottom line.

It's time to unite against email fraud. And here are some of the leading brands out there at the forefront of this initiative (next slide).

Leading Companies Fighting Email Fraud

DMARC (Domain-based Message Authentication, Reporting & Conformance):
- Technical specification created to help reduce the potential for email-based abuse (www.dmarc.org)
- Prevents domain-based spoofing by blocking fraudulent activity appearing to come from domains under your control
- Provides a threat reporting mechanism (aggregate and forensic data)

#1: Authenticate Your Email

"Simply put, the DMARC standard works. In a blended approach to fight email fraud, DMARC represents the cornerstone of technical controls that commercial senders can implement today to rebuild trust and retake the email channel for legitimate brands and consumers."
Edward Tucker, Head of Cyber Security, Her Majesty's Revenue & Customs
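As an added example (not Return Path's or HMRC's code), the check below parses a DMARC TXT record and reports whether it merely monitors (p=none) or actually blocks spoofing of the domain, and whether the aggregate (rua) and forensic (ruf) reporting channels mentioned above are set. The two records are constructed: a monitoring-only starting point beside an enforced end state; tag defaults follow RFC 7489.

```python
# Added example, not Return Path's or HMRC's code: parse a DMARC TXT record and
# report whether it only monitors (p=none) or actually blocks domain spoofing,
# and whether aggregate (rua) and forensic (ruf) reporting are configured.
# Both records below are constructed.
from typing import Dict, List

MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc-agg@example-brand.invalid"
ENFORCED = ("v=DMARC1; p=reject; sp=reject; pct=100; adkim=s; aspf=s; "
            "rua=mailto:dmarc-agg@example-brand.invalid; "
            "ruf=mailto:dmarc-ruf@example-brand.invalid; fo=1")

def parse_dmarc(record: str) -> Dict[str, str]:
    """Split 'tag=value; tag=value' into a dict; raise if not a DMARC1 record."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        k, v = part.split("=", 1)
        tags[k.strip().lower()] = v.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC1 record")
    if "p" not in tags:
        raise ValueError("missing required p= tag")
    return tags

def assess(record: str) -> Dict[str, object]:
    """Summarise policy strength and reporting coverage of a DMARC record."""
    t = parse_dmarc(record)
    policy = t["p"].lower()
    pct = int(t.get("pct", "100"))      # RFC 7489 default: apply to 100%
    sub = t.get("sp", policy).lower()   # sp defaults to p
    findings: List[str] = []
    if policy == "none":
        findings.append("p=none only monitors; spoofed mail is still delivered")
    elif policy == "quarantine":
        findings.append("p=quarantine: spoofs go to spam, not rejected")
    if pct < 100:
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    if sub == "none" and policy != "none":
        findings.append("sp=none leaves subdomains unprotected")
    if "rua" not in t:
        findings.append("no rua=: aggregate reports (who sends as you) are lost")
    if "ruf" not in t:
        findings.append("no ruf=: no forensic samples of failing messages")
    enforcing = policy == "reject" and pct == 100 and sub == "reject"
    return {"policy": policy, "pct": pct, "enforcing": enforcing, "findings": findings}

if __name__ == "__main__":
    for name, rec in (("monitor-only", MONITOR_ONLY), ("enforced", ENFORCED)):
        r = assess(rec)
        print(name, "enforcing" if r["enforcing"] else "NOT enforcing")
        for f in r["findings"]:
            print("  -", f)
```

Running the monitoring-only record through a check like this during a staged rollout shows exactly which gaps remain before the domain is actually protected.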


Addressing the 70% of email attacks that spoof your brand using domains your company does not own requires email threat intelligence.

Get visibility into all types of email threats targeting you today.

#2: Leverage Email Threat Intelligence

The reality is, some attacks are always going to get through. The more prepared your customers are, the better.
- Create an educational website
- Include anti-fraud language within your legitimate email
- In the event of an attack, warn your customers immediately

#3: Educate Your Customers

Engage with Brand Protection teams to make the business case.

Create a sense of urgency.

Communicate the risks that result from not taking action:
- Email fraud destroys brand reputation and erodes customer loyalty
- Email fraud thwarts email marketing effectiveness
- Email fraud negatively impacts revenue

#4: Raise Awareness with Top Executives

Security understands the risks, but Marketing and Sales executives must be shown how this affects real dollars. This impacts revenue, market share and partnership opportunities, to name a few.

Reduced effectiveness: Once they have been harmed by something tied to your brand, customers are afraid to open anything that comes from you. All of the work you put into crafting an effective message is wasted if they refuse to open it. This can be especially bad for seasonal promotions. The bad guys know you'll be sending out special promotions, so they'll send their own versions to trick people. Word gets out about a scam and people won't open your promotional notes during the key period. This also skews your metrics, because you don't get a good sample of regular customer reactions to a campaign.

Customers now have a bad feeling tied to your brand. Even if their head accepted the explanation that something was really not from you, their gut has a twinge when they see your brand. When they're shopping next time, that will impact their mindset. Maybe they'll try another brand. (Google, Orbitz, Kayak searches)

It's not just lower revenue. There are hidden added costs of dealing with reversing fraudulent purchases, resetting customer accounts, resolving customer issues. Also, it's not just about business. You don't want anyone using the power of your brand to trick people.

Learn More: br.returnpath.com/emailfraudprotection

Twitter: @StopEmailFraud

New: Download the Email Threat Intelligence report at bit.ly/EmailThreatIntel

Thank You!

Update based on each location.

Bruno Motta Rego, Information Security Director at a major e-commerce company

@brunomottarego


Using Return Path Data to Protect Your Brand
Bruno Motta Rego, @brunomottarego

This can be the Hold Slide

World Tour 2015
We believe there is no better way to build relationships with customers and partners than to come together for inspiration, education, and networking.

Data is the key to creating trusted relationships with your customers. But data alone isn't enough. You need the right data and the right insights to promote and protect your brand. Join us on the World Tour to:

Agenda
Challenges of the current landscape
Solutions
Results
Final considerations

Challenges of the current landscape

Brand abuse: reputation and consumer trust
Lack of visibility: remediation strategy and agility
End-consumer vulnerability
Millions of brand-related phishing messages identified per day

Brand abuse: online fraudsters took advantage of the brand's recognition among consumers to carry out malicious attacks, using aggressive forms of phishing, a tactic that forges the primary sending domain and sends fraudulent emails. (Explain spoofing and the risk of the domain being added to blacklists, which would also hinder delivery of legitimate emails.)

Visibility: without visibility into the size and scale of cyberattacks, companies tend to handle these incidents reactively; most of the time they learn of the attacks only after receiving customer complaints through their communication channels, yet they lack enough information to take legal action, such as forensic investigations.

End-consumer vulnerability: 97% cannot identify a phishing email.

Situation: a total of 6 million brand-related phishing messages in a single day (300 million per year). Source: Return Path (confirm whether these numbers may be disclosed!)

Solutions
Authentication protocols
DMARC
Email governance
Implementation process

The DMARC implementation process: how they arrived at a policy of blocking messages without risking blocking legitimate messages, by means of governance.

And how this information is currently monitored on the Return Path platform.

World Tour 2015
Results
Blocking of 99.78% of phishing messages (September 2015)
Reduction in the incidence of suspicious messages
Consumer trust

Results: 99.78% of phishing messages blocked in Sep 2015; suspicious messages reduced; gain customer trust.

World Tour 2015
Final considerations
Monitor your business
Challenge yourself
Share best practices with your industry peers

Final considerations (got this from a previous presentation that this client gave during the Mind the Sec event): Monitor your business; Challenge yourself; Share best practices with your peers in the industry.

Thank you!

@brunomottarego


This can be the Hold Slide
