How To Detect & Prevent Attacks due to Eavesdropping

How To Detect & Prevent Attacks due to Eavesdropping

August 31, 2023 / in Blog / by Zafar Khan, RPost CEO

Wouldn’t you like to know if an email sent to a client is actively being eavesdropped on by cybercriminals?

Consider this when you’re driving to the beach this Labor Day Weekend…I was driving on the freeway the other day ALONE, in my wife’s car, listening to music on the radio. Suddenly, a telephone conversation with my wife and one of her friends piped into the car audio system—you know, the Bluetooth handsfree function. 

The strange thing about this was, she was nowhere to be seen—not in the car, not visibly nearby. After some puzzlement, I realized that she just happened to be in a friend’s car overtaking me on the freeway! When she passed my car (her car that I was driving), the Bluetooth auto connected her phone conversation to the car I was in. Here I was, unintentionally eavesdropping on bits of her conversation that was piped into the car audio in the car I was driving, the audio coming from a passing car on the freeway! Yikes!

Separately, I was peering over an IT staff member the other day, and he said he needed to check to see if ANOTHER staffer received an email. What did he do? Using standard Microsoft 365 administrative tools, he simply logged into that OTHER staffer’s email account as if he were that person, and all of that user’s email displayed on this IT staff’s computer. Here I was, experiencing how easy it is for one to (legitimately for business purposes) eavesdrop on bits of an email conversation on someone else’s remote computer. Yikes again!

The concept of digital eavesdropping on correspondence or Bluetooth conversation, when you experience it firsthand, is sort of an out-of-body experience. It’s as if there was a weird eclipse that whacked the normal balance of the world of technology off-kilter. But for cybercriminals today, it’s their new normal. This is simply what they do. They figure out, using a myriad of techniques, how to eavesdrop on digital communications and create filter-automated rules to be alerted when content in the inbox that they are eavesdropping on shows they should get ready to pounce onto an-in-process transaction.

They then lure an unsuspecting email user into believing they are “legitimately” changing payroll direct deposit bank information, paying invoices, or closing a transaction and wiring funds—only to later discover that the payment details were routing funds to an impostor bank account controlled by cybercriminals. 
 
If you could have the ability to detect if email sent to a client is actively being eavesdropped on by cybercriminals (at the recipient) with intent to lure them into mis-wiring funds, wouldn’t you like to know? Knowledge is power, which is critical for attorneys or title agents working on real estate closings, private client wealth managers sending investment funding details, lawyers closing corporate-related transactions or litigation-related settlements, or fundamentally any businessperson sending or receiving an invoice relating to substantial payments.

Now you can know if/when you’re being eavesdropped on with RMail AI-infused Email Eavesdropping™ detection technology that runs silently alongside your existing email systems. Watch this active threat detection tech in action in this recorded webinar or read more in this RMail Email Eavesdropping™ feature brochure.

In brief, if you use this RMail AI service, every email sent out of your organization will have every activity associated with it analyzed forensically for a period of time. Real-time alerts are transmitted if the RMail AI service identifies anomalous nefarious activity associated with an email delivery or later viewing. These alerts include all the email forensics that IT security specialists would need to validate and take immediate action before a cybercriminal lures users into mis-wiring money to the criminal’s bank. 

Feel free to contact us or to learn more about Email Eavesdropping™ detection technology. I think it’s safe to say that we all want to avoid those ‘yikes’ moments when we realize there’s someone listening in on our private exchanges.