Blogs and Posts
- By: Garry Feldman
- Date: September 27, 2017
In an age of widespread phishing and devastating ransomware attacks, all businesses must have an email cybersecurity solution in place to preemptively detect threats.
“WannaCry” ransomware attacks alone cost businesses to the tune of $4 billion earlier this year. Businesses that fall victim to cyber attacks also have untold losses from diminished brand reputation, fleeing clients and liability costs for accidentally releasing sensitive data. Many of these attacks originate through suspicious emails. Clicking on the wrong email may install malicious code or allow attackers to grift administrator login data from unsuspecting users.
These threats can be averted with a live email security gateway and monitoring system, such as Mimecast. We at U.S. Computer Connection recommend Mimecast in particular for three of its key features that provide advanced yet flexible email security solutions.
Mimecast Email Security Gateway URL Protect
The first Mimecast email cyber security feature worth mentioning is URL Protect. After configuring Mimecast to monitor your inbound email, the service scans each email before it is delivered to the intended recipient.
With URL Protect, Mimecast determines if the URL (a link to a website) is pointing toward a malicious site. If a malicious or suspicious link is detected, the email is flagged for review by the network administrator, and it can also be quarantined or deleted automatically.
To continually protect from threats over time and ensure security for all email links, Mimecast rewrites any links that get forwarded to business email users so that the links point back to the Mimecast server. Then, Mimecast scans the requested link once more in real-time, ensuring that threats are averted over time and not just once they are sent.
Mimecast Email Cyber Security Attachment Protect
Mimecast’s Attachment Protect feature performs a similar function to URL Protect. Instead of rewriting links, though, Attachment Protect swaps out attached files for an image of the file to send to users. Since over half of business email attachments are read-only PDFs, the service does not disrupt most users’ needs when viewing and using an attachment.
For attachments where the original document does need to be accessed and edited, such as Microsoft Word .docx files, Mimecast can rescan the file in real-time to ensure that there is no threat present.
In addition to scanning the document itself, Mimecast also looks for malicious code that can be embedded within documents, including malicious URLs or malicious macro code that can be used to infiltrate systems within a network.
Mimecast Impersonation Protect and Email Fraud Prevention
A new form of email fraud seeks to infiltrate not through malicious codes, programs, links or files but rather by fooling the recipient himself. These emails impersonate someone important in the company in an effort to obtain sensitive data, such as account numbers, employee SSNs, key login information and more.
Because the imitation approach is more ambitious than phishing, some in the cybersecurity industry refer to the practice as “whaling.” These whaling attacks have more than doubled in the past few years, costing businesses over $1.2 billion dollars from 2013 to 2015.
To detect suspicious emails, Mimecast looks at a variety of test factors, including reply-to mismatches, unusual sending domain names, flag phrases like “wire transfer,” email address spoofing, and more. Depending on the administrator’s settings, any suspected emails can be marked as suspicious, quarantined for later scrutiny or automatically deleted.
Implement Stronger Email Cyber Security Measures for Your Business
Your business cannot afford to fall victim to ransomware, data theft, phishing, whaling and other schemes. Contact U.S. Computer Connection today for a comprehensive email cyber security audit and to implement effective solutions like Mimecast so that your emails — and your business — can be protected.
- October 2017 (2)
- September 2017 (6)
- August 2017 (4)
- July 2017 (4)
- June 2017 (6)
- May 2017 (4)
- April 2017 (6)
- March 2017 (4)
- February 2017 (5)
- January 2017 (5)
- December 2016 (5)
- November 2016 (5)
- October 2016 (4)
- September 2016 (6)
- August 2016 (4)
- July 2016 (7)
- June 2016 (7)
- May 2016 (6)
- April 2016 (5)
- March 2016 (7)
- February 2016 (5)
- January 2016 (5)
- December 2015 (6)
- November 2015 (1)
- October 2015 (2)
- August 2015 (5)
- Backup and Disaster Recovery (7)
- Business IT (31)
- Security (45)
- Training (22)
- Uncategorized (26)
- Webinar (18)