Be sure your email security system will follow links and inspect not just the source email but the target link in the message.Įvery link in an email is potentially a phishing site, and with deep link inspection, the email system opens the link in its own sandbox to make sure it isn't malicious. While some phishing attacks are evident just from the look of an email, the more insidious ones may not become evident until the link is probed. The first email from anyone is more likely to carry a phishing attack and probably deserves closer inspection by the email security system than a message from a known person. Your email security system may apply some intelligence to the message flow and determine who your normal correspondents are - either by name or by company. If you're like me, you get a lot of emails. While mailbox intelligence is a fairly straightforward feature, it can save you from a lot of trouble. The quickest path to potential improvement is to first review your existing email security system configuration.Īlso, ask your vendor if it leverages other resources, such as FireEye, Lastline or others. If so, make sure you know how extensive it is. Threat intelligence services - also called platforms or networks - provide this information, so be sure to check your vendor's offerings to see if it has its own threat intelligence network. Verify threat intelligence networksįirst and foremost, your email security needs to be smart and know about threats as soon as they arise. While this might be outside your purview as an email security professional, encouraging credential protection can be a secondary but effective method to guard against phishing attacks. Similarly, many systems provide reports of anomalous logins or login attempts. Many applications offer two-factor authentication, where a text is sent to a person's registered mobile number, for example, to help assure the right user is logging in. If you can't stop 100% of phishing attacks, you can at least reduce their effectiveness by hardening the login process. The goal of phishing is most often to retrieve and compromise users' credentials. If you're still running on defaults, your system definitely isn't optimized. The quickest path to potential improvement is to first review your existing email security system configuration. While IT professionals have a tendency to look beyond their existing environments for new features and functions or to new vendors to help solve technology problems, they often don't have to look that far. While not comprehensive, this email security checklist should help ensure you have your anti-phishing bases covered. The following list was created using The Tolly Group's background in email security, along with input from email security vendors. Whether you're looking for a new email security system or making a wish list of features to hand your current vendor for phishing protection, here's a checklist of key product features to consider.
0 kommentar(er)
