Email Security Comparison - Anti-Phishing Software: 6 Questions to Ask

Posted by Amy Daly
Amy Daly

Selecting an Email Security Gateway can be a difficult task. Really, if you are in the market for a Secure Email Gateway (SEG), you appear to be spoiled for choice.  'SEG's are ten a penny, and they offer a guarantee that they can prevent phishing. 

However, step back with me for a moment and consider the fact that each year, billions of dollars are stolen from US corporations as a direct result of successful phishing attacks.

In 2019 both Google and Facebook, two tech titans with otherwise impeccable security histories were both infiltrated by successful phishing attacks. In both cases, a legitimate vendor was successfully impersonated to the tune of tens of millions of dollars, all before any flags were raised. 

How is it then that with the proliferation of phishing attacks and their apparent success so many applications claim to be the solution?

One of our competitors claims to be the 360 degrees solution; however, we routinely find brand forgeries slipping through their net and making an to the email bloodstream of their allegedly protected customers. 

Unfortunately for the security professional who is shopping for a new SEG, a mixture of aggressive marketing and misplaced confidence have created a soft underbelly under our email platforms.

At INKY, we, and our customers, have a shared belief and conviction that INKY's Phish Fence is the superior choice. Nothing slips through the Phish Fence.

To help you compare and find the right email security solution we've prepared six questions to ask before you commit to an SEG.

Note: Keep in mind that at INKY we can answer each of these questions in the affirmative, not in a future release, not tomorrow, today (we could yesterday too).

  1. Does the product have User-friendly banners added to emails to provide warnings and "Just in Time" phishing awareness?

INKY does. Our anti-phishing banners provide users with assurances or warnings in each and every email. Our banners provide a unified cross-platform user experience presenting uniformly on both mobile and PC devices. The banner system serves as a message by message educator, hardening the email user community to the realities of phishing and increasing their ability to spot phish and most critically think before they act.

  1. Does the product have a ‘report link’ added to emails that facilitates end-user reporting of both malicious email and spam?

INKY provides a direct reporting capability that users can self-action after a banner has flagged a message as suspicious. The banners alert IT immediately that a potential phishing attack has been attempted, but critically provides the smaller IT shops with the opportunity for users to self-report rather than driving all potentially suspicious emails to a quarantine folder.

  1. Does the email security product require any add-ins, plug-ins, or client dependencies of any kind?

INKY works completely independently and integrates seamlessly into your current email setup, no add-ins, no plugin's, no fuss at all. Better yet, mail passing through 'INKY's Phish Fence does so in typically less than a second.

  1. Does the product employ computer vision methods to identify and block brand forgery emails?

INKY computer vision is second to none; we can discern fake graphics, fraudulent iconography and even assess the cadence of messages to determine whether they follow the typical pattern of the corporation being spoofed or represented.

  1. Does the application provide inline deployment with a full MTA, as opposed to API-based deployment?

This means INKY can

  1. a) Modify mail to add banners
  2. b) Move mail to quarantine
  3. c) Rewrite links to provide URL protection
  4. d) Scale to enterprise mailbox counts
  5. e) Operate in real-time on incoming mail (average latency < 1s in production)
  6. f) Remove added banners from messages end users reply to for better OPSEC

API based 'SEG's can't do any of that.

  1. Does the application offer interoperability with all incumbent SEGs?

At INKY we understand that a legacy investment may have already been made in an SEG perhaps your configuration is successful as a whitelisting device, is working for as an anti-spam mechanism or successfully stripping malware.

With that in mind, we made INKY work with every SEG on the market today. With INKY, there is no need to rip and replace. In fact; we play so well that Phish Fence seamlessly acts as a final barrier to prevent the phish that made it through your SEG from going anywhere.

I encourage you to ask the six questions we've provided and if, as I suspect, the platform you are considering doesn't answer yes to all of the questions then I urge you, allow us to prove in real-time how effective INKY’s anti-phishing solution can be. 

You don't compare apples to potatoes or horses to cats so don't compare spam filters and malware filters with a fully-featured email security gateway. The legacy SEG's are resting on their laurels; they are happy scraping off the low hanging fruit, the spam, the malware but their approaches are lazy, you deserve better, you deserve INKY.

Schedule a DEMO today and start a free trial.

Topics: email security