Stop the New Messaging Threats
Large-scale phishing email blasts still make the news, but today’s most dangerous digital attacks use spearphishing messages aimed directly at particular individuals or organizations. Both the Online Trust Alliance and Symantec accorded 2013 the dubious honor of being the year of data breaches. According to Symantec’s 2014 Internet Security Threat Report, the total number of breaches in 2013 was 62 percent greater than in 2012 with 253 total breaches. Eight of the breaches in 2013 exposed more than 10 million identities each. In 2012 only one breach exposed over 10 million identities.
Spearphishing exploits begin with targeted, personalized messages that seem legitimate, yet lure recipients to open malware, or hand over passwords or login information. Such attacks have an alarming success rate. When successful, they can result not only in the loss of critical data, but also the unauthorized use of email deployment systems or other critical infrastructure. Moreover, these attacks can jeopardize your sender reputation and your brand.
Target’s well-publicized data breach earlier this year cost the company deeply in terms of brand reputation and revenue and was traced back to a single phishing email. This is why all enterprises — and the email service providers (ESPs) that work with them — must safeguard not just inbound message streams, but outbound streams as well.
A More Intelligent Approach to Message Security
In a recent report released by the Online Trust Alliance scoring the email integrity of businesses, it was noted that:
Unfortunately, in many enterprises the email infrastructure does not natively support outbound signing or inbound checking for SPF, DKIM or DMARC. Equally as concerning is the lack of support for inbound authentication from leading MTAs (Mail Transfer Agents), the hosting community and email technology providers.”
– 2014 Email Integrity Audit report
Out of the 800 companies and brands that were audited, Message Systems was among the 12% of companies that measured up to the stringent security standards of OTA. Unlike commodity MTAs, Message Systems takes the issue of email security very seriously. Our email infrastructure platform, Momentum, (available in on-premise and managed cloud versions) is designed to support both inbound and outbound email authentication. A two-way approach is critical because threats change constantly, points of vulnerability are too numerous to list conclusively, and realistically not all messaging attacks can be prevented. You may think your security systems are functioning correctly, only to see a sudden spike in complaints, bounces or blocks in your outbound stream, exposing an attack in progress and a compromised email deployment system.
Respond Immediately and Prevent Recurrence
With Message Systems solutions, prevention and mitigation processes are inter-connected. Our customers gain the ability to apply a full range of default and custom policies for screening out abusive mail at the network and protocol layers. And they can integrate best-of-breed third-party solutions for optimal scanning at the content layer. With this approach, organizations can instantly take user feedback into account, pinpoint suspicious activity and take action before damage is done. Additionally, by facilitating responsive action and self-learning, Message Systems helps companies to not only stop malicious activities as quickly as possible, but prevent them from happening again in the future. In fact, Message Systems’ commitment to ensuring that our customer’s emails are safe from phishing attacks, is one of the many reasons why the world’s largest senders choose us to send 20% of global legitimate email.
Learn more about how DMARC is helping to save the world’s email in the How DMARC Is Saving Email eBook today!