Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
SMX launches new anti-phishing software to combat sophisticated email fraud attacks
Posted on 21-Jun-2016 19:02. | Tags Filed under: News.



SMX Limited, New Zealand’s largest cloud email security company, has launched new software enhancements to its SMX SmartRules® software designed to protect against sophisticated email phishing fraud.

 

SMX Chief Technology Officer, Thom Hooker, says sophisticated variations of phishing (or targeted email attacks) – termed ‘spear phishing’ and ‘whaling’ respectively – represent the most serious cybersecurity threat currently facing New Zealand businesses and organisations.

 

“There are companies out there right now losing substantial amounts of money, confidential information, or both. A number of law firms have been hit particularly hard,” Hooker says.

 

Spear phishing and whaling are forms of targeted email attack, or phishing, Hooker explains, where a combination of social engineering and email spoofing techniques is used to steal money or confidential information from businesses – and it is becoming increasingly prevalent. 

 

Spear phishing targets a group of people – for example, employees or customers of a specific company, or even a specific person.

 

Whaling is a variation of spear phishing that targets high-level executives with the objective of conning them into sharing confidential company information. A fraudster may, for example, identify key executives with funds transfer authorisation, and send counterfeit emails authorising funds transfers, using those executives’ details. 

 

To combat both spear phishing and whaling attacks specifically, SMX has developed new algorithms and new ‘rules’ have been added to SMX’s SmartRules® module, Hooker says. These allow SMX, or an organisation’s IT department, or an external IT service provider, to create and apply new rules and supporting processes to protect identified likely or known spear phishing or whaling targets within an organisation.

 

New functions have also been enabled on SMX's email security filters to further interrogate the metadata associated with each email. These new features detect and remove spear phishing and whaling attacks in real time from SMX's customers’ email flow without the end-user needing to enable them.

 

For example, Hooker says, whaling and spear phishing attacks rely on a mismatch between what the target sees in their mail client and what is ‘parsed’ by the mail server. By providing SMX with a list of potential spear phishing and whaling targets and victims, along with the normal email addresses they send from, SMX's DLP (data loss prevention) engine is configured to block or quarantine any emails which have mismatches.

 

For very high risk whaling targets, an even more stringent layer can be added where only authorised email addresses are allowed through the filters. This does require creating and maintaining a list of authorised addresses associated with each target. However, once this rule is set up maintenance is only required when list members change and this can be carried out by the customer's IT team with minimal training.

 

“The bottom line is that email security has to be dynamic and able to respond quickly with new defences to new threats as they emerge. A key strength of SMX is that as a cloud service we can implement new defences for all of our customers literally in real time,” Hooker says.

 




comments powered by Disqus




Trending now »

Hot discussions in our forums right now:

NZ Prime Minister John Key Resigns
Created by ajobbins, last reply by networkn on 8-Dec-2016 12:46 (201 replies)
Pages... 12 13 14


The President Of The USA - Who do you think?
Created by TimA, last reply by Sideface on 8-Dec-2016 08:34 (905 replies)
Pages... 59 60 61


Dishwasher not Working Properly
Created by tdgeek, last reply by mdav056 on 5-Dec-2016 20:18 (28 replies)
Pages... 2


Wilson's Car Park - When Free is not free
Created by nzkiwiman, last reply by Dratsab on 8-Dec-2016 13:14 (44 replies)
Pages... 2 3


Spark not planning to deploy native IPv6 at all. Ever.
Created by Erayd, last reply by sbiddle on 7-Dec-2016 20:57 (19 replies)
Pages... 2


Spark wireless broadband and home /lan access: CGNAT limitations
Created by yokkem, last reply by yokkem on 8-Dec-2016 13:07 (16 replies)
Pages... 2


JB Hifi Cost & GST Sale - 7th Dec
Created by Finch, last reply by Kopkiwi on 7-Dec-2016 15:11 (16 replies)
Pages... 2


Japan - what to do, where to go etc
Created by nzkiwiman, last reply by nas on 6-Dec-2016 21:21 (16 replies)
Pages... 2