Focus on Phishing: Email Security Best Practices

Posted by Amy Daly

When we think of email security at the user level, it is commonly associated with ensuring that each email user has a unique user name and password. While this approach is certainly important for most enterprise applications, we must also consider that email is a conduit to the outside world.

It is this external contact point that, perhaps more than any other application, provides an avenue for criminality: one that can be exploited by criminal elements wishing either to harm your company's reputation or to relieve it of several million dollars.

SPAM FILTER

The first place to think about email security best practices is to ensure that you have an adequate spam filter. Spam filtering is used to identify emails that are fraudulent or are soliciting your associates to buy products or participate in calls to action that are outside their normal working parameters.

Spam is often obvious to the human eye: it is typically written in such a way that, should you receive some, you can readily recognize it as spam.

Spam, overall, is an annoyance. It clogs up mailboxes and distracts employees. Often spam's most significant harm is causing legitimate emails to be lost under a pile of nonsense.

A properly functioning spam filter will divert all spam email into a "spam" or "junk" folder; we consider this the first level of email security best practice.

MALWARE/RANSOMWARE FILTER

The next area for email security best practice is to consider the employment of a malware filter. Malware filtering looks for suspicious attachments included in emails and typically either deletes or quarantines them for administrator review.
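To make the "delete or quarantine for administrator review" decision concrete, here is a small attachment filter written as an added example for this post. It is not INKY's code and does not describe how Phish Fence works; the extension lists, the byte signatures and the sample messages are all illustrative assumptions chosen for the demonstration. It parses a raw message with Python's standard `email` library, looks at each attachment's name and its leading bytes, and returns a gateway verdict of `deliver`, `quarantine` or `delete`, so that a renamed executable such as `report.pdf` is caught even though its extension looks harmless.

```python
import email
from email import policy
from email.message import EmailMessage

# Illustrative lists (assumption: a real gateway maintains far longer ones).
# Extensions a conservative gateway would never deliver to an inbox.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".js", ".vbs",
                      ".bat", ".cmd", ".ps1", ".hta"}
# Extensions that are abused often enough to hold for administrator review,
# but that still have legitimate business use (macro-enabled Office, archives).
REVIEW_EXTENSIONS = {".docm", ".xlsm", ".pptm", ".iso", ".img", ".lnk",
                     ".zip", ".7z", ".rar"}
# Leading bytes that identify an executable regardless of its filename.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF")


def classify_attachment(filename, payload):
    """Return 'delete', 'quarantine' or 'deliver' for one attachment."""
    name = (filename or "").lower().strip()
    # Content sniffing comes first: a renamed executable is still an executable.
    if payload.startswith(EXECUTABLE_MAGIC):
        return "delete"
    # An attachment with no usable name cannot be judged; hold it for review.
    _, _, ext = name.rpartition(".")
    if not name or not ext:
        return "quarantine"
    ext = "." + ext
    if ext in BLOCKED_EXTENSIONS:
        return "delete"
    if ext in REVIEW_EXTENSIONS:
        return "quarantine"
    return "deliver"


def triage_message(raw_bytes):
    """Parse a raw RFC 5322 message and decide what the gateway should do.

    Returns (overall_verdict, [(filename, verdict), ...]). The strictest
    per-attachment verdict wins for the whole message.
    """
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        fname = part.get_filename()
        findings.append((fname or "<unnamed>", classify_attachment(fname, payload)))
    verdicts = {v for _, v in findings}
    if "delete" in verdicts:
        overall = "delete"
    elif "quarantine" in verdicts:
        overall = "quarantine"
    else:
        overall = "deliver"
    return overall, findings


def build_sample(filename, payload):
    """Construct a one-attachment test message (constructed sample, not real mail)."""
    msg = EmailMessage()
    msg["From"] = "accounts@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    # Constructed inputs: a real PDF header, a double-extension executable,
    # an executable renamed to look like a PDF, and a macro-enabled workbook.
    samples = {
        "invoice.pdf": b"%PDF-1.4 ...",
        "invoice.pdf.exe": b"MZ\x90\x00",
        "report.pdf": b"MZ\x90\x00",
        "budget.xlsm": b"PK\x03\x04",
    }
    for name, data in samples.items():
        overall, findings = triage_message(build_sample(name, data))
        print(f"{name:18} -> {overall:10} {findings}")
```

The two checks are deliberately independent: the extension rules cover the common case cheaply, while the byte-signature check catches the attachments that were renamed precisely to get past an extension list. A production filter would add archive inspection, size limits and a log entry for every quarantine so that the administrator review the post describes actually has something to review.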

Unwanted attachments can include viruses, Trojan horses, or, as two school districts in New York, the state of Texas and the city of Baltimore have most recently experienced, ransomware. Ransomware attacks are the digital equivalent of kidnapping.

Effectively, the malware takes over the host PC on which the email was received and is then able to spread itself beyond the initial recipient and through the company's network.

The criminals who deployed the ransomware then demand a financial payment to unlock the computers their program has infected. Ransomware can become an extremely dangerous and expensive exercise for a corporation; many choose not to pay, often resulting in data loss, financial loss and potential embarrassment, as in the case of the Sony email hack.

PHISHING SIMULATION

Another common best practice for email security is to use phishing simulators. Phishing simulators are used by IT organizations, or occasionally contracted third parties, to create a phishing premise that is tested on an organization's user community in order to assess their ability to distinguish fraudulent emails from real messages.

IT organizations often derive metrics from these exercises to help determine whether their current email security gateway is sufficient, whether any training programs they have enacted are succeeding, and to generally assess the aptitude of their email user community as a potential deterrent to phishing.

PHISHING AWARENESS

Another common best practice for email security is Phishing awareness training. Phishing awareness training is used to condition an organization to understand the telltale signs of a phishing attack.

This training is intended to empower the email user community as a line of defense against incoming attacks. Phishing awareness training typically includes examples of recent attacks that have been publicized, or in some cases uses actual email attacks that have been launched at the company itself.

Phishing training is often limited to employee induction; however, it is becoming more common for IT departments to insist on biannual or at least annual training to ensure that phishing awareness is a constant within their email user community.

Further, many IT departments have also been integrating phishing alert buttons into their email clients to encourage users to report suspected phishing activity.

INKY PHISH FENCE

Many of the email security gateway applications currently advertised suggest that they can successfully meet all the best practices we have discussed today; however, they have many shortcomings. INKY's Phish Fence replaces legacy email security gateways by employing best-practice methodologies to deliver a single, complete email security gateway suite.

INKY's Phish Fence technology combines machine learning, computer vision, and artificial intelligence. Our unique blend of technology ensures that spam attacks are never delivered, that malware never makes it to the user's inbox, and that each email provides an opportunity for training, using our unique banner system to inform the email user of the veracity of every message they receive.

Critically, unlike the other email security gateways, we do not employ fixed statistical models; our algorithms are in a constant state of learning, preventing same-day spear-phishing attacks, CEO impersonation, brand forgery and a host of subtle targeted phishing cues that the spam and malware filters miss and that would not be easily discerned by humans.

INKY can be installed in less than an hour in most cases and has an incredibly small footprint that belies its awesome power.

If you are looking for a new email security gateway, or perhaps you feel let down by your current email security application as phish continue to swim their way into your email inboxes, then we invite you to schedule a complimentary phishing and email security demo.

INKY – Phight Phish
