Don’t Let Your Data Become Phish Food!

John Pinson
Aug. 18, 2014 by John Pinson

Stop the New Messaging Threats

Large-scale phishing email blasts still make the news, but today’s most dangerous digital attacks use spearphishing messages aimed directly at particular individuals or organizations. Both the Online Trust Alliance and Symantec accorded 2013 the dubious honor of being the year of data breaches. According to Symantec’s 2014 Internet Security Threat Report, the total number of breaches in 2013 was 62 percent greater than in 2012 with 253 total breaches. Eight of the breaches in 2013 exposed more than 10 million identities each. In 2012 only one breach exposed over 10 million identities.

Spearphishing exploits begin with targeted, personalized messages that seem legitimate, yet lure recipients to open malware, or hand over passwords or login information. Such attacks have an alarming success rate. When successful, they can result not only in the loss of critical data, but also the unauthorized use of email deployment systems or other critical infrastructure. Moreover, these attacks can jeopardize your sender reputation and your brand.

emailattacksummary_600x315

Target’s well-publicized data breach earlier this year cost the company deeply in terms of brand reputation and revenue and was traced back to a single phishing email. This is why all enterprises — and the email service providers (ESPs) that work with them — must safeguard not just inbound message streams, but outbound streams as well.

A More Intelligent Approach to Message Security

In a recent report released by the Online Trust Alliance scoring the email integrity of businesses, it was noted that:

Unfortunately, in many enterprises the email infrastructure does not natively support outbound signing or inbound checking for SPF, DKIM or DMARC. Equally as concerning is the lack of support for inbound authentication from leading MTAs (Mail Transfer Agents), the hosting community and email technology providers.”

– 2014 Email Integrity Audit report

Out of the 800 companies and brands that were audited, Message Systems was among the 12% of companies that measured up to the stringent security standards of OTA. Unlike commodity MTAs, Message Systems takes the issue of email security very seriously. Our email infrastructure platform, Momentum, (available in on-premise and managed cloud versions) is designed to support both inbound and outbound email authentication. A two-way approach is critical because threats change constantly, points of vulnerability are too numerous to list conclusively, and realistically not all messaging attacks can be prevented. You may think your security systems are functioning correctly, only to see a sudden spike in complaints, bounces or blocks in your outbound stream, exposing an attack in progress and a compromised email deployment system.

Spearphishing attacks per day

Respond Immediately and Prevent Recurrence

With Message Systems solutions, prevention and mitigation processes are inter-connected. Our customers gain the ability to apply a full range of default and custom policies for screening out abusive mail at the network and protocol layers. And they can integrate best-of-breed third-party solutions for optimal scanning at the content layer. With this approach, organizations can instantly take user feedback into account, pinpoint suspicious activity and take action before damage is done. Additionally, by facilitating responsive action and self-learning, Message Systems helps companies to not only stop malicious activities as quickly as possible, but prevent them from happening again in the future. In fact, Message Systems’ commitment to ensuring that our customer’s emails are safe from phishing attacks, is one of the many reasons why the world’s largest senders choose us to send 20% of global legitimate email.

Learn more about how DMARC is helping to save the world’s email in the How DMARC Is Saving Email eBook today!

How DMARC Is Saving Email

Share your Thoughts

Your email address will not be published.

Related Content

How to Bulletproof Your Email in 2017

Join SparkPost’s CISO and ValiMail’s CEO and Co-Founder walk through common cyber security threats and learn how to bulletproof your email in 2017.

read more

SPF Authentication: An Overview and Best Practices

An overview of SPF authentication, how it works and how to incorporate it into a successful email authentication strategy.

read more

Debunking the Myths of Moving Your Email Service to the Cloud

There are a lot of myths going around about email security in the cloud. We're debunking them and sharing tips for better security measures.

read more

Start sending email in minutes!

The world’s most powerful email delivery solution is now yours in a developer-friendly, quick to set up cloud service. Open a SparkPost account today and send up to 100,000 emails per month for free.

Send 100K Emails/Month For Free

Send this to a friend