Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
SMX launches new anti-phishing software to combat sophisticated email fraud attacks
Posted on 21-Jun-2016 19:02 | Tags Filed under: News



SMX Limited, New Zealand’s largest cloud email security company, has launched new software enhancements to its SMX SmartRules® software designed to protect against sophisticated email phishing fraud.

 

SMX Chief Technology Officer, Thom Hooker, says sophisticated variations of phishing (or targeted email attacks) – termed ‘spear phishing’ and ‘whaling’ respectively – represent the most serious cybersecurity threat currently facing New Zealand businesses and organisations.

 

“There are companies out there right now losing substantial amounts of money, confidential information, or both. A number of law firms have been hit particularly hard,” Hooker says.

 

Spear phishing and whaling are forms of targeted email attack, or phishing, Hooker explains, where a combination of social engineering and email spoofing techniques is used to steal money or confidential information from businesses – and it is becoming increasingly prevalent. 

 

Spear phishing targets a group of people – for example, employees or customers of a specific company, or even a specific person.

 

Whaling is a variation of spear phishing that targets high-level executives with the objective of conning them into sharing confidential company information. A fraudster may, for example, identify key executives with funds transfer authorisation, and send counterfeit emails authorising funds transfers, using those executives’ details. 

 

To combat both spear phishing and whaling attacks specifically, SMX has developed new algorithms and new ‘rules’ have been added to SMX’s SmartRules® module, Hooker says. These allow SMX, or an organisation’s IT department, or an external IT service provider, to create and apply new rules and supporting processes to protect identified likely or known spear phishing or whaling targets within an organisation.

 

New functions have also been enabled on SMX's email security filters to further interrogate the metadata associated with each email. These new features detect and remove spear phishing and whaling attacks in real time from SMX's customers’ email flow without the end-user needing to enable them.

 

For example, Hooker says, whaling and spear phishing attacks rely on a mismatch between what the target sees in their mail client and what is ‘parsed’ by the mail server. By providing SMX with a list of potential spear phishing and whaling targets and victims, along with the normal email addresses they send from, SMX's DLP (data loss prevention) engine is configured to block or quarantine any emails which have mismatches.

 

For very high risk whaling targets, an even more stringent layer can be added where only authorised email addresses are allowed through the filters. This does require creating and maintaining a list of authorised addresses associated with each target. However, once this rule is set up maintenance is only required when list members change and this can be carried out by the customer's IT team with minimal training.

 

“The bottom line is that email security has to be dynamic and able to respond quickly with new defences to new threats as they emerge. A key strength of SMX is that as a cloud service we can implement new defences for all of our customers literally in real time,” Hooker says.

 




comments powered by Disqus




Trending now »

Hot discussions in our forums right now:

The President Of The USA: Donald Trump
Created by TimA, last reply by Fred99 on 26-Feb-2017 20:52 (3342 replies)
Pages... 221 222 223


"Parents' lawsuit claims FaceTime caused daughter's death"
Created by kingdragonfly, last reply by richms on 23-Feb-2017 11:03 (23 replies)
Pages... 2


Vodafone / SKY merger
Created by wingbat45, last reply by tdgeek on 25-Feb-2017 07:34 (136 replies)
Pages... 8 9 10


What is this green cabinet for?
Created by DarthKermit, last reply by MadEngineer on 24-Feb-2017 21:13 (20 replies)
Pages... 2


SureSignal missed calls
Created by hairy1, last reply by froob on 23-Feb-2017 20:23 (19 replies)
Pages... 2


Best way to network my computers
Created by Rikkitic, last reply by Rikkitic on 24-Feb-2017 11:24 (75 replies)
Pages... 3 4 5


I paid the wrong Bank Account, what can I do - advice wanted?
Created by harlansmart, last reply by JayADee on 26-Feb-2017 17:26 (49 replies)
Pages... 2 3 4


Did Chorus Increase its Layer 2 speed ?
Created by Mikek, last reply by darylblake on 24-Feb-2017 22:46 (14 replies)