
Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

The need for an iron-clad email security solution is once again making headlines.

On October 3, the US Department of Justice (DoJ) reported that, working with Trustwave partner Microsoft, it had disrupted a Russian government-based scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.

The DoJ partially unsealed a warrant authorizing the seizure of 41 internet domains used by Russian intelligence agents and their proxies to commit computer fraud and abuse in the United States. The department worked in tandem with a Microsoft civil action to restrain 66 internet domains used by the same actors, the DoJ said.

“Today’s seizure of 41 internet domains reflects the Justice Department’s cyber strategy in action – using all tools to disrupt and deter malicious, state-sponsored cyber actors,” said Deputy Attorney General Lisa Monaco.

According to the partially unsealed affidavit filed in support of the government’s seizure warrant, the seized domains were used by hackers belonging to, or criminal proxies working for, the “Callisto Group,” an operational unit within Center 18 of the Russian Federal Security Service (FSB). The group committed violations related to unauthorized access to computers, obtaining information from US government departments or agencies, unauthorized access to protected computers, and causing damage to protected computers.

The Callisto Group conducted an ongoing and sophisticated spear-phishing campaign to gain unauthorized access to the computers and email accounts of the US government and other victims, the DoJ said. Their targets included US-based companies, former employees of the US Intelligence Community, Department of Defense and Department of State employees, US military defense contractors, and staff at the Department of Energy.

Spear phishing is a highly targeted form of phishing in which the attacker sends a personalized email or message, built around specific information about the targeted individual or organization, to trick the recipient into revealing sensitive information or clicking on a malicious link.

It is essential to understand that there are multiple steps organizations can take and that services are available to help protect against email-based attacks.


Guarding Against Nation-State and Criminal Email Attacks

Trustwave SpiderLabs Research Manager Phil Hay shared some actionable advice for organizations looking to stay ahead of advanced email threats.

“The traditional approach of security in layers works really well,” Hay said. “Knowing what’s right for your environment, training your organization, testing new tools in parallel with your existing devices and software, and having a tool that can carry out a set policy is key.”

No single tool will completely protect you against email attacks. Instead, an organization must have a strong process, good training, and tools that together ensure there’s defense across multiple levels.

Top Email Security Recommendations:

  • Enable Multi-Factor Authentication (MFA) on accounts wherever possible to invalidate credential-based account attacks. Microsoft found that 99% of compromised Microsoft accounts they observed did not have MFA.
  • Have a second form of verification and validation before changing bank details or sending payments over email.
  • Provide annual security refreshers for the whole organization. Covering phishing and overall security awareness will teach employees what attacks they may individually face and give them a plan of action.
  • Use a secure email gateway (SEG) like Trustwave MailMarshal, optimized for your organization.
  • Set a policy on how the organization will handle different file types that are sent over email.

The Power of Trustwave MailMarshal: Battle-Tested Email Security Defender

Trustwave MailMarshal offers a sophisticated multi-layered approach to email security to reduce false positives and protect against spam, gateway attacks, viruses, phishing attempts, and malicious URLs embedded in an email. In addition, it provides complete email protection against phishing, spear-phishing, and business email compromise (BEC).

MailMarshal provides layered protection against email-based threats, capturing all forms of threats to protect your environment and reduce the burden on your security team.

  • Protects against ransomware attacks, BEC, phishing scams, malware, and Zero-Days
  • 99.99% malware and exploit capture rate
  • < 0.001% spam false positives
  • Layered threat intelligence, powered by telemetry from 5,000+ global MSS/MDR clients and ML-powered algorithms
  • Granular control of internal SMTP traffic
  • Decades of leadership in email security supported by Trustwave SpiderLabs elite threat detection security team
  • Deploy on-prem or hybrid cloud
  • Complements Microsoft 365 and other cloud email services.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience.