Blogs and Posts

How Mimecast’s Email Security Gateway Neutralizes Cyber Security Threats Instantly

• By: Garry Feldman
• Date: September 27, 2017

In an age of widespread phishing and devastating ransomware attacks, all businesses must have an email cybersecurity solution in place to preemptively detect threats.

“WannaCry” ransomware attacks alone cost businesses to the tune of $4 billion earlier this year. Businesses that fall victim to cyber attacks also have untold losses from diminished brand reputation, fleeing clients and liability costs for accidentally releasing sensitive data. Many of these attacks originate through suspicious emails. Clicking on the wrong email may install malicious code or allow attackers to grift administrator login data from unsuspecting users.

These threats can be averted with a live email security gateway and monitoring system, such as Mimecast. We at U.S. Computer Connection recommend Mimecast in particular for three of its key features that provide advanced yet flexible email security solutions.

Mimecast Email Security Gateway URL Protect

The first Mimecast email cyber security feature worth mentioning is URL Protect. After configuring Mimecast to monitor your inbound email, the service scans each email before it is delivered to the intended recipient.

With URL Protect, Mimecast determines if the URL (a link to a website) is pointing toward a malicious site. If a malicious or suspicious link is detected, the email is flagged for review by the network administrator, and it can also be quarantined or deleted automatically.

To continually protect from threats over time and ensure security for all email links, Mimecast rewrites any links that get forwarded to business email users so that the links point back to the Mimecast server. Then, Mimecast scans the requested link once more in real-time, ensuring that threats are averted over time and not just once they are sent.

Mimecast Email Cyber Security Attachment Protect

Mimecast’s Attachment Protect feature performs a similar function to URL Protect. Instead of rewriting links, though, Attachment Protect swaps out attached files for an image of the file to send to users. Since over half of business email attachments are read-only PDFs, the service does not disrupt most users’ needs when viewing and using an attachment.

For attachments where the original document does need to be accessed and edited, such as Microsoft Word .docx files, Mimecast can rescan the file in real-time to ensure that there is no threat present.

In addition to scanning the document itself, Mimecast also looks for malicious code that can be embedded within documents, including malicious URLs or malicious macro code that can be used to infiltrate systems within a network.

Mimecast Impersonation Protect and Email Fraud Prevention

A new form of email fraud seeks to infiltrate not through malicious codes, programs, links or files but rather by fooling the recipient himself. These emails impersonate someone important in the company in an effort to obtain sensitive data, such as account numbers, employee SSNs, key login information and more.

Because the imitation approach is more ambitious than phishing, some in the cybersecurity industry refer to the practice as “whaling.” These whaling attacks have more than doubled in the past few years, costing businesses over $1.2 billion dollars from 2013 to 2015.

To detect suspicious emails, Mimecast looks at a variety of test factors, including reply-to mismatches, unusual sending domain names, flag phrases like “wire transfer,” email address spoofing, and more. Depending on the administrator’s settings, any suspected emails can be marked as suspicious, quarantined for later scrutiny or automatically deleted.

Implement Stronger Email Cyber Security Measures for Your Business

Your business cannot afford to fall victim to ransomware, data theft, phishing, whaling and other schemes. Contact U.S. Computer Connection today for a comprehensive email cyber security audit and to implement effective solutions like Mimecast so that your emails — and your business — can be protected.