We’re serious about email security

Most people don’t need to know about how email works. As long as they get to us in a timely manner, there’s nothing to worry about.

And yet, because email is still the first route into your computer for attackers, we spend a lot of time thinking about it. And in truth, the statistics are worrying:

  • In the third quarter alone of 2016, 18 million new malware samples were captured by a single security company (Panda Labs).
  • More than 4,000 ransomware attacks took place, every day, since the beginning of 2016, a 300% rise on the previous year.
  • Phishing – the act of tricking the user into clicking or giving up valuation information, works increasingly well with ransomware.
  • Even users who claim to be aware of the risks click on unknown links in email. (See this article from Business Insider)

Friedrich-Alexander University

Regardless of how good an anti-virus solution is, the weakest link in all companies is still the email recipient.

With this in mind, we have made a large number of changes to protect users even better. In addition to our best-in-class spam filtering capability, we are working tirelessly to stay at the forefront of email security, by implementing a number of back-end solutions for our clients

  • learning anti-spam algorithms: we block or quarantine well in excess of half of all incoming emails and keep refining our algorithms to ensure the best anti-spam protection at all times
  • email header tagging: some emails look legitimate but are sent from badly configured domains. Such emails are automatically “tagged” in the title, to invite recipients to pause and think whether it might be of dubious origin
  • automatic typo-spotting: we now automatically check malicious typos in hyperlinks, so that if someone tries to get you to amason.co.uk, we redirect you automatically to the correct amazon.co.uk website
  • url re-writing: there is a complex exploit, where a hacker can send a link to a legitimate website, say on a Friday night. As the website is clean, the security devices let the email through, and over the week-end, the hacker corrupts the website: by the time you click on the link on Monday morning, you are opening the gate to spyware, viruses and ransomware. url re-writing is a technology which checks the safety of the website when you click on it, not when the email is delivered.
  • sandboxing: in complete confidentiality, we can now open attachments in a

    Source: Symantec 2017 Internet Security Threat Report

    secure, virtual environment and assess its impact on the operating system. Only if the attachment is proven to be safe will it be allowed through. When fake invoices are the number 1 type of phishing attack, sandboxing is a must-have protection

 

Some of the features above are already live for all our clients, and we are busy rolling out some of the additional features listed above.

You should talk to your existing email provider / IT security contractor to find out what solutions are currently in place to protect your business emails. If the answers leave you wanting, you can always contact us by email or on 0800 093 9100 for additional information.