SMB Nation Blog

SMB Nation has been serving the Bainbridge Island area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Leveraging the Power of AI to Stop Email Scammers

Staff members are on the frontline when it comes to cyberattacks against their employers. They’re increasingly seen by hackers as a weak link in the cybersecurity chain. That’s why most threats today come via email, aimed squarely at tricking the recipient into downloading malware, divulging log-ins or making wire transfers to the attacker. Trend Micro predicts cumulative losses from Business Email Compromise (BEC) attacks alone will hit $9 billion this year.

As attacks get smarter, so must we. That’s why Trend Micro is introducing two innovative new offerings to help in the fight against email scammers. One is a new AI-powered feature designed to improve BEC detection while the other will help IT teams train their employees to spot phishing attacks. It’s one more step towards taking the fight to the bad guys.

The email threat

There’s no doubt that email is the primary threat vector for attackers targeting organizations today. The Trend Micro™ Smart Protection Network™ blocked more than 66 billion threats in 2017, over 85 percent of which were emails containing malicious content.

BEC is an increasingly favored tactic as the rewards can be huge. It’s hard for many organizations to spot because attacks typically don’t contain any malware; they rely mainly on social engineering of the carefully selected recipient. That recipient, usually in the finance department, is sent an email impersonating the CEO, CFO, or other executive requesting that they urgently make a wire transfer or reply with sensitive data. With average losses topping $130,000 per incident, it’s no surprise that we saw an increase in attempted BEC attacks on our customers of 106 percent between 1H and 2H 2017.

This is not to underplay the impact phishing continues to have on organizations around the globe. By targeting employees, attackers can spread malware and covertly infiltrate networks to steal sensitive data and IP. Results from the Black Hat Attendee Survey last year illustrate the impact this trend is having on organizations.

  • IT Leaders cited phishing as their #1 security concern
  • Phishing was identified as the most time-consuming threat
  • The weakest link in IT security was cited as end users being tricked by phishing attacks
  • 19 percent rated phishing as the most serious cyber threat to emerge within the past year, second only to ransomware

Taking action

The potential financial and reputational damage of such attacks is obvious. In the face of these rising threat levels we must hit back — and we have, with two new free tools.

Writing Style DNA includes new AI-powered technology that learns how executives write so that it can spot impersonation attempts, and sends a warning to the implied sender, recipient and the IT department. It sounds straightforward but requires serious computing power and smart AI algorithms to achieve. For each user, a personal model is created using 7,000 features of writing characteristics to train the system — things like punctuation and sentence length. We convert emails to metadata before analyzing, to protect customers’ privacy and meet compliance requirements.

Focusing on the writing style in the body of the email complements existing techniques that analyze behavior and intention. Some of these current techniques can fail if, for example, the attacker uses compromised accounts at legitimate domains to hide the true origin of the email. It’s one more tool to help IT teams push back the rising tide of email threats, and it will be made available at no extra cost as part of Cloud App Security (CAS) for Office 365 and ScanMail for Microsoft Exchange (SMEX).

First line of defense

Technology is a vital layer of defense to keep email threats at bay. But what about your employees, who are often thought of as the ‘weakest link’?

We can help here, too. A new free SaaS-based phishing simulation service can help IT teams train employees to spot attempted attacks before they have a chance to impact the organization. Phish Insight is all about enhancing awareness of your staff. All it takes is one administrator, four steps and five minutes to run a real-world exercise designed to mimic what employees might see at their desks.

With the detailed reporting results, displayed in a handy graphical interface, IT teams can then tailor their education programs to make lasting behavioral changes.

Phish Insight is now available free of charge to all organizations of all sizes around the world. The service has been available for a year in Asia and has generated huge interest as organizations leverage it to turn their weakest link into a formidable first line of defense. As email threats continue to rise, we’d encourage you to take a look.

To stop phishing and social engineering attacks it is critical to make both your people and your technology smarter. Phish Insight trains your people to better spot phishing attacks and Writing Style DNA confirms the authorship of an email to prevent CEO fraud and other types of BEC attacks.


Don’t just add the Security “S” to your Managed Services

Author: Ryan Delany, Trend Micro MSP Solution Marketing Manager

Expanding and putting more focus on your current security offerings is a great way to find new business opportunities.

Adding the “S” is the easy part; just ask any managed service provider that views security as just a “checkbox” and offers one of the cheaper or RMM-integrated security offerings without giving much thought to customers’ security needs or total cost of ownership. As a managed service provider though, you are in the business of taking on risk for your customers and security is one of the best ways to reduce and mitigate this risk and add value for your customers and for your business.

2017 was a noteworthy year for cyber security, with major incidents such as WannaCry, NotPetya, Spectre and Meltdown making worldwide news. As a result, security is now top of mind for your customers. The opportunity to expand and focus on building out your security services offering is greater than ever. According to Kaseya’s recent 2018 MSP Benchmark Survey, 33% of respondents cited security as the top challenge or need, while all others were less than 10%. The survey also pointed out that security was the top revenue driver and most popular service for growth. As we know, with challenge and need comes opportunity.

So exactly which areas are ripe for opportunity?


As the adoption of Office 365 and other cloud services continues to grow, it is important to encourage customers to think about how they are protecting their data and other Office 365 assets (i.e., email, OneDrive and SharePoint). According to the Trend Micro Cloud App Security 2017 Report, we detected and protected against over 3.4 million threats within our customers’ Office 365 environments, and that was after everything had been scanned by the native security features and deemed safe. Customers in regulated verticals moving to Office 365 not only have to worry about threats but also about meeting compliance, so adding additional layers of security is a great way to increase your value and mitigate your customers’ risk.

Public Cloud

Public cloud security is another area of growth. Security in the public cloud is a shared responsibility and a lot of customers forget this piece, so it’s up to you to help them remember. As a managed service provider, you may already be in the business of helping your customers design, architect and migrate workloads to the public cloud. While the public cloud brings a lot of cost savings, it also brings a lot of challenges and risks. If you aren’t taking security in public cloud infrastructure into consideration, it’s time to start!


As mentioned above, 2017 was a big year for cyber security, which makes this a great time to re-evaluate your endpoint security offerings while you’ve got your customers’ attention. The endpoint and the user are among the most easily attacked vectors, as humans tend to be the weakest link in the security chain. It is important to have a robust security offering to provide maximum protection for your customers and reduce or eliminate your costs related to remediating security-related incidents. Things you should consider: Does my current endpoint security offering include encryption, data loss prevention, application control and URL filtering? Is my current endpoint security offering cloud-based? Does my current endpoint offering leverage the latest detection technologies such as machine learning? The more robust the offering, the more services you can build around that offering.

When you’re ready to do more than just add the “S” to your managed services, come visit us at and learn more about how we can help you transform your business as you increase value to your customers.


Bridging the Generational Gap with Trend Micro XGen™ Security

We’ve entered a new era of cyber threats. It’s like no other that’s gone before, in that CISOs must battle not only the huge volume of “old threats” out there but also a growing array of stealthier new attacks designed to circumvent traditional tools. These could include certain types of targeted attacks, ransomware, zero-day threats, and even business process compromise. And they have to deal with a much larger attack surface created by cloud, mobility, and riskier user behavior.

That’s why, in this new era, organizations need to bridge the gap between an old and new generation of threats, IT architectures, and yes, even user behaviors. That’s just what Trend Micro XGen™ security was designed to do.

Known and unknown

IT security teams have a problem. On the one hand the volume of known bad threats knocking at the door has reached epidemic proportions. Trend Micro blocked 80 billion such attacks in 2017 alone. But that’s just the start. Thanks to the growing availability of tools and knowledge on the dark web, we’re also seeing a surge in new and unique threats – something like 500,000 every day. These require more advanced techniques to spot and block.

Deploying advanced security to all parts of the organization can be challenging because it requires different operational skills and resources. Many organizations do so with point products, which multiply the IT workload, impair visibility and performance and can leave gaps for the threats to sneak through.

The XGen difference: cross-generational

Many security vendors claim to have a single silver bullet to tackle this new era of cyber threats. I wish that were true, but it simply isn’t that straightforward. Machine learning alone is not the answer. While it can be a powerful way to predict whether an unknown file is malicious, it is also more computationally intensive with a higher rate of false positives, so is not the most efficient or effective way to tackle the massive volume of known bad threats. Instead, there needs to be a ‘cross-generational’ approach that knows how to use the right threat defense technique at the right time to ensure maximum protection with the utmost efficiency. XGen™ security does exactly that, including – but not limited to – the following:

Antimalware and Content Filtering to quickly detect and block the massive number of known bad files, URLs and spam.

Behavioral Analysis including memory inspection, suspicious action monitoring and browser exploit protection examines an unknown item and its behavior at runtime to determine if it’s suspicious.

High-Fidelity Machine Learning uses mathematical algorithms to predict maliciousness, with the ability to analyze unknown files before execution and during runtime for greater accuracy. It also features “noise cancellation” capabilities to reduce false positives.

Sandbox Analysis enables on-the-fly analysis of unknown threats – allowing them to run in a safe environment to examine their behaviors.

Intrusion Prevention shields known vulnerabilities against unknown, zero-day exploits.

Application Control allows only known good applications to install or run.

Integrity Monitoring flags any suspicious system changes.

Response and Containment enables investigative forensics, quarantine of suspicious items and automated security updates.

The Trend Micro Smart Protection Network – our cloud-based global threat intelligence which blocks 250 million threats each day – fuels these techniques to ensure customers are protected against the latest threat findings.

What’s more, the XGen™ approach to security also eases the burden on IT security. Threat defense techniques are designed to fit each layer of security—user environments, networks and hybrid clouds—making it faster and easier to deploy and manage. And, the solutions seamlessly share threat intelligence, enabling automated security updates. Everything is also nicely connected through a central console that offers visibility across security layers, speeding time to response.

As this generation quickly blurs into the next—with hackers continuing to add new types of threats to the volume of existing ones, and with the number of points to protect growing every day – IT security leaders must adopt a cross-generational approach to security.


Trending - Trend Micro's Office 365 play

Back in the early Windows Small Business Server (SBS) days, Trend Micro made a significant commitment to developing solutions and branding around SBS. In no small part it contributed to the multi-fold growth Trend Micro has experienced over the past 15 years. I certainly appreciate its community commitment because year in and year out, community members could depend on Trend Micro to suit up and show up.

Now it feels like déjà vu. Trend Micro is going big in the Office 365 community this year. It starts with strategic direction at the top management level. Seeing the momentum of Office 365 growth at 70% year-over-year in Microsoft FY2016, it’s easy to see why Trend Micro is placing bets on this community.

Here is what you can expect from Trend Micro’s Office 365 push moving forward.  

Community involvement. Trend Micro is again appearing more and more at numerous community events. These include our own Tour de Cloud events starting in mid-September.

Microsoft Worldwide Partner Conference (WPC). A couple of years ago as Office 365 was building momentum, Trend Micro was the only major security ISV at the 2014 WPC and I wrote about it here. The context was reintroducing Trend Micro to the community because with the demise of SBS and the early stages of Office 365 growth, there was a perception we’d lost touch with Trend Micro, even if briefly.

Long-term Commitment. When Intel acquired McAfee it essentially rebuffed community outreach efforts to engage in sincere and mindful ways with the working men and women of SMB Nation, focusing on the Big Boys and Distis. Fast forward the movie and McAfee is gone, a victim of Intel arrogance. That misstep underscores that Trend Micro is doing right by the SMB Nation tribe right here right now.

Bottom line: Learn more about Advanced Threat Protection for Office 365 and File Sharing here.



Webinar: Ransomware!

Join Harry Brelsford and Patrick Thomas for this content-rich 60-minute webinar focused on RANSOMWARE!

The ransomware body count is rising. In the first 3 months of 2016 over 209 million dollars was paid out by SMB companies. That’s a 30% increase year over year. And e-mail continues to be the main culprit. We want to make sure you are equipped with the latest information, technology, and resources to prevent cyber-criminals from kidnapping your customers’ most important asset, their data. We’ll review our best-in-class SMB solutions and the top 3 conversations you must have with your customers.

 Thu, Aug 11, 2016 12:00 PM - 1:00 PM PDT




Trend Micro supports hybrid architectures

Security software provider Trend Micro continues to work to protect small business and enterprise from data vulnerabilities in hybrid cloud infrastructures.

“A hybrid strategy helps many companies maximize existing infrastructure investments while successfully migrating to the cloud,” said Mark Nunnikhoven, vice president, cloud research, Trend Micro. “Even during an ‘all-in’ migration, there is a transition period where organizations have to manage IT assets across multiple environments. Security that can bridge both is a critical component in keeping corporate data safe and meeting compliance requirements. Our Deep Security platform allows users to pursue a hybrid strategy with confidence.”

Trend Micro’s integrated solution, Trend Micro Deep Security, is designed to enable compliance across workloads, giving organizations the ability to operate securely on-premises and in the cloud.


Trend Micro Deep Security Available on Azure Marketplace

Security solution provider Trend Micro Incorporated announced yesterday the availability of its cloud and data center platform, Trend Micro Deep Security, on the Azure Marketplace.

The solution is designed to extend security provided by Microsoft Azure and help organizations meet their shared security-enhanced responsibilities.

“We are pleased that Trend Micro Deep Security is now available on the Azure Marketplace,” said Nicole Herskowitz, senior director of Product Marketing, Microsoft Azure. “By making Trend Micro Deep Security available on our cloud platform, Trend Micro is providing automated cloud security for Azure workloads to customers around the world.”

Deep Security meets PCI and HIPAA requirements and defends against malware and network attacks.


Trend Micro Uncovers ACH Fraud

Trend Micro announced earlier this week that companies are targets of the macro malware BARTALEX in an outbreak of spammed messages related to Automated Clearing House fraud.

These spammed emails lead to a Dropbox page with specific instructions and a Microsoft Office warning, closely resembling a non-malicious page. More than 1,000 macro-based malware links are hosted on the Dropbox site, and Trend Micro contacted Dropbox for removal.

According to V3, a U.K.-based technology website, Dropbox is aware of the campaign and taking action against the hackers and malware.

The United States is the top country affected by BARTALEX malware, according to the Smart Protection Network.

Hashes for the malicious files are available here, along with the full Trend Micro advisory.


Trend Micro Releases List of New Year’s Resolutions

Trend Micro today released a list of five New Year’s Cyber Resolutions to help businesses and individuals have a safe and happy 2014. The driving force behind today’s announcement is the company’s prediction that digital threats will increase in both scope and sophistication next year.

The five resolutions released by Trend Micro are as follows:


Trend Micro Releases Cyber Security Concern Predictions

Earlier this week, Trend Micro Incorporated released its report on security predictions for 2014. “Blurring Boundaries: Trend Micro Security Predictions for 2014 and Beyond” outlines top areas of concern for cyberattack, particularly through mobile banking and attacks targeting infrastructure.


Oops…My Bad! 5 Blogs We Missed Last Week

Here we go again! As I do each week, I am really enjoying bringing our readers a quick round-up of the blog coverage I didn’t manage to get to during the week prior.

 In addition, here at SMB Nation, we are already gearing up for our annual fall event to be held Oct. 10-12 in Las Vegas at the Rio! We have been hard at work designing a brand new Web site specifically for this event, which you must check out today: For additional information on the new Web site, our cool XP Migrations video produced by Bigger Brains, and our fall conference, check out our blog post here.
