Email security is not a simple check-box item. The need to have a strong email security solution in place has never been greater. Email is ubiquitous, and the average employee receives so many emails on a daily basis that they often open and click on messages without giving a second thought to any potential problem they might pose.
This means an organization must have an email security solution in place to find and block suspicious emails before someone mistakenly clicks on a link.
It is obvious from the large number of email-based attacks that have been tracked by industry and governments globally that the email security technology many organizations use is not sufficient to protect them from highly sophisticated threats.
In fact, most organizations have little idea how vulnerable they are to an email-based attack, nor do they have the capability to properly defend themselves.
The Threat Surface
Phishing remains the top attack vector used by hackers. The FBI’s Internet Crime Complaint Center (IC3) 2021 Internet Crime Report noted that phishing scams were extremely prominent, with 323,972 complaints being made in the U.S. in 2021, compared to 241,342 the previous year. Adjusted losses resulting from these attacks is more than $44 million, a $10 million decrease from 2020.
Specific to organizations, Business Email Compromise (BEC) is one of the most widely committed crimes by cybercriminals. IC3 received 19,954 BEC/Email Account Compromise (EAC) complaints with adjusted losses of over $2.4 billion in 2021 alone. The number of complaints was about flat year-over-year, but losses increased by about $600 million, the FBI report stated.
Additionally, new threats are being uncovered on a regular basis. For example, Trustwave SpiderLabs recently discovered a ‘chameleon’ phishing email campaign that leads to a credential capture page.
What is unique about this campaign is that the malicious credential capture landing page uses the victim’s email address to change how the landing page looks, making it more appealing to the recipient and thus more likely to be opened.
If the victim has a Gmail account, it will use Google graphics and assets to make it look like they're logging back into Gmail. If the victim has an Outlook account, it will pull Microsoft graphics and assets to make the malicious page look like a genuine Microsoft page.
What’s the right way to solve for your email security challenges?
Email security is not a one-size fits all game. Properly preparing for email-based threats means understanding and addressing two key aspects:
- Your email deployment scenario: cloud, on-premises, hybrid, or service-provider
- Your current email security posture:
- Is your current approach fitting your requirements?
- Are you relying solely on “built-in” security features of Office 365?
Trustwave MailMarshal: By the Numbers
What is needed to properly defend an organization from an email-based attack? Training workers to stop and think before they click on a link or email attachment is paramount, but even the most dedicated and conscientious staffer will make a mistake.
So, what organizations need is a system that will back stop the employees and that is where Trustwave MailMarshal comes in to play.
MailMarshal has an exemplary of protecting clients:
- Number of clients infected with ransomware: 0
- Regularly priced one-third lower than our closest competitors.
- File types recognized for scanning and blocking of malicious attachments: 400+
- Malware and exploit capture rate: 99.99%
- Average client tenure with Trustwave MailMarshal: 16 years
- Able to inspect 5 times the number of email attachment types than our competitors
- Deploy on premises or in the cloud
These capabilities are a result of MailMarshal’s 25-year history as an email security tool and the email threat intelligence that is gathers from Trustwave 5,000 global Managed Security Service (MSS) clients. As a threat is spotted and stopped with one client the information is shared throughout our organization making all of our clients safer.
A Trustwave MailMarshal Success Story
The Trustwave MailMarshal team recently helped a large American multinational telecommunications conglomerate that operates in 150 countries with more than 2,300 retail stores serving over 160 million clients.
The challenge presented by the client was to migrate its Microsoft Exchange to Workspace. The company used an email security service which was unable to integrate that product into the client’s global security operations center’s (SOC) extensive monitoring systems and native applications.
The client’s SOC was responsible for monitoring all outbound traffic for data loss prevention, conduct content inspections, and cyber intelligence delivered to decision makers.
The client adopted Trustwave’s MailMarshal On-Premises solution which was used to rewrite header rules to blind copy every outbound email passing through Proofpoint for content inspection and machine / human analysis.
The MailMarshal team also constructed comprehensive custom scripts to filter all outbound traffic for content inspection and created extensive rules with different criteria to trigger alerts with varying degrees of risk.
Trustwave MailMarshal: Try it Today
In a nutshell, we make sure inbound and outbound emails, links and attachments are clean, while enforcing your acceptable use and data loss prevention (DLP) rules. Let us know any questions and try it today.
Learn more about both editions:
Trustwave MailMarshal Secure Email Gateway
It’s no surprise that threat actors continue to rely on email to distribute malware, phishing scams, and spam. Email can be easily disguised to appear legitimate and remains the simplest way to gain access to employees, data, and money because end users receive email whether wanted or not.
Trustwave MailMarshal Service Provider Edition
Built on the award-winning Trustwave MailMarshal Secure Email Gateway, Trustwave MailMarshal Service Provider Edition (SPE) was designed from the ground up for service provider environments to help you manage your common business issues as well, such as administration, policy management, provisioning and workflow.