Email Security Equals Business Security

With the exponential growth in the amount of business that is conducted over the Internet, email security is of utmost importance. In addition to malicious viruses that can cause thousands of dollars in damage and lost productivity, spam can provide a means for cybercriminals to enter your computer system, resulting in stolen data and irreparable damage. Once these miscreants compromise your email security, they can access private information or hack into your website, shutting it down completely or changing it in ways that can result in lost time, money, and sales. Spam bots can be placed on your system, enabling spammers to exploit your resources and send spam from your IP address. This is why an anti-malware package with a good spam filter is so important.

Gartner Predictions said that 75% of businesses would be infected by malware by the end of 2007. The number of criminals who use spam to conduct their crimes continues to grow. The odds of avoiding attack are against any business that does not have a strong anti-malware package with an up-to-date spam filter in place to ensure email security. According to Sophos, 6,000 new web pages are infected every day, and yours could be next.  Moreover, it could be days or weeks before you even find out.

Use the Best Anti-Malware Package to Ensure Email Security

With so many email-based threats able to compromise your ability to run your business, you cannot afford to purchase the wrong anti-malware package. There are a number of highly sophisticated packages on the market that can guarantee email security. However, cheaper is not always better, and a poorly designed spam filter can be worse than having no protection at all. The right package is one that will evolve to meet each new Internet threat as it appears.

Just as cybercriminals make a career of finding new ways to compromise your computer security and profit from the private information on your system, anti-malware developers are also continuously developing and upgrading their products. Spam and Internet crimes are not static, and your protection should not be, either. Your spam filter should update often to meet each new threat, and your entire package should be upgraded regularly with the latest technology.   Your email security depends on it!

Blended Attacks on the Rise, Spam Email Still Primary Attack Vector

Spammers continue to refine their methods in an effort to stay ahead of security measures.  At the same time, the profit motivations behind spam are expanding.  Previously, the main reason for sending out spam was to sell something.  Spam is now increasingly part of a “blended” attack, which is a sophisticated coordination of a variety of techniques designed to breach the security of targeted systems, steal data, and take control of the compromised systems by adding them to botnets.

In many cases, the actual malicious code is delivered when a user visits a compromised website which is capable of infecting the user’s computer.  Because of this, security vendors are stepping up their marketing efforts to sell web security devices and software.  The fact is that the majority of these infections occur when a user follows a link received in a spam message.  Security Labs reports that 65 percent of spam contains malicious URLs leading either to compromised web sites or to sites that are created by spammers and fraudsters.

Trend Micro recently reported on targeted attacks on CEOs that began with spam emails.  These emails appeared to contain links to court documents related to subpoena actions.  The links actually led to fake websites, where users were prompted to install browser plug-ins in order to view the files.  The “plug-in” was actually a Trojan which secretly connected to other malicious sites and installed yet more malicious software.

Another recent example was the wave of attacks from the Storm botnet, which consisted of spam emails claiming that the U.S. had invaded Iran.  This message appeared to link to websites where video footage would show some 20,000 U.S. soldiers launching world war three.  The site showed what appeared to be an embedded video player, but clicking on the player button resulted in the execution of malicious code that installed a Trojan on the user’s computer.

In the Battle Against Junk E-mail, the Human is the Most Vulnerable

These days, companies utilize many technologies to protect corporate resources, such as e-mail scanners, firewalls, web proxies, anti-virus suites, and spam filters.  Keeping up with the latest scams, exploits, and security updates calls for nonstop vigil, and the spammers keep the pressure on by endlessly broadening the footprints, complexity, and heavy volume of junk e-mail they transmit out.  Many junk e-mail blockers are unable to keep up with the many variants of e-mail threats.  A growing percentage of these are holding no damaging payload themselves (thus getting around e-mail security that relies on malware signatures), but try to tempt users to internet sites that are capable of “drive-by” infections.  In other words, just visiting one of these websites can infect a user’s machine.  Promises of free music, ring tones, computer software, or photos provide motivators to visit these websites.

This type of attack relies on human traits – curiosity, the desire to get something for nothing, even lust – to tempt people to visit on the websites.  The assurance in the level of corporate security against spyware and other forms of malware is raising, which is the fundamental reason of this.  Individuals perpetrating junk emails and malware have started utilizing social engineering, adding a human dimension to their assaults.  To battle against this new kind of junk e-mail, organizations must mix technology with distinctly stated policies to deal with unsolicited commercial e-mail.

End users who are well-informed will help end the security risked posed by “wetware”.  Attacking the human factor of security measures by mailing malicious emails is usually called phishing.   When the attacker has some fundamental data on the victim, these assaults are very targeted and efficient, these attacks are usually called spear phishing.

Spam is Back in Full Force

Symantec’s Monthly State of Spam report for March showed an increase in bounced messages that found spammers forging sent email addresses and using them in the “From” header of their own Spam messages.

Reminiscent of Backscatter, spammers are taking advantage of mail transfer agents configured to send back a list of failed email recipient addresses, an explanation of the cause of failure, and a copy of the original email. This opens a window for Spam attacks, as anti-spam filters do not block most “failed email” replies. Since spammers forge the sender’s address, this mail is going to be received by people who have nothing to do with the Spam.

Corporate networks will feel the greatest burden of the increased attacks. Using increased bandwidth and an increase of unwanted Spam messages in users’ inboxes will result in lost productivity. Networks are encouraged to configure mail transfer agents to not send back a copy of the original failed messages and require signatures for outgoing emails.

Spam’s new warrior: PDF?

Spammers are always using new tactics to get around spam protection; their latest tactic is using spam embedded into PDF documents. This makes it quite difficult for Anti-Spam products to detect these threats without increasing the false positive detections. Some Anti-Spam products just do not have the technology to detect these threats at all.

“Ultimately, filtering spam at the content level will become less and less effective. A better way to control spam is by considering the source of the message – the IP address of the mail server attempting to deliver the message” says David Salbego, Unix and operations manager of computing and information systems with Argonne National Laboratory, a division of the Department of Energy (DOE) operated out of the University of Chicago.

PDF spam currently accounts for 11% of all spam, and spam levels are on average at around 88% of all mail. Specialist expect the 90% barrier to be broken as soon as 30 days.

MX Police, our flagship email filtering Anti-Spam service utilizes advanced techniques such as sender reputation to maintain extremely high detection rates and amazingly low false positive rates. When we say “Bulletproof Your Email”; we mean it! Have a look at our datasheet for more information.