It shouldn’t be a surprise to anyone working in information technology that cyber criminals still prefer email as their primary attack vector. Spam continues to make up over half of all emails sent and phishing attacks continue to rise at record rates. Not only this, but according to Websense’s 2015 Threat Report, the level of sophistication, evasiveness and complexity (of attacks) has increased. To fight these threats, email security software is at the forefront and these are some of the trends you can expect to see in the upcoming year that you will find in the more effective solutions on the market.
1. Authentication to address spoofing
One of the most dangerous attacks involves spoofing email addresses; especially if the attacker is able to spoof the address of someone the target trusts. According to Google, more than 94% of all incoming messages to Gmail carries some type of authentication to help prevent phishing and other email attacks that rely on impersonating a trusted individual or organization. Email security software that does not include authentication technologies such as inbound and outbound SPF and DKIM as well as DMARC validation are not effectively protecting your incoming email and are not stopping others from impersonating you.
2. Move away from Blacklists and Whitelists
At one time, relying on the community created lists to identify domains for known spammers was the best way to stop incoming email threats. However, attackers quickly registered new, clean domains to use and email security software was always playing catch up. Whitelisting technology has its problems as well as legitimate emails are not delivered because they are inadvertently flagged as spam, or false positives, if the sender’s domain is not on the list.
3. Less reliance on Bayesian filtering
Once a heralded technology used by email security software, Bayesian filtering applied a score to all incoming emails based on the use of certain words in the email itself. If the probability score exceeded a pre-set threshold, the email was flagged as spam. The problem is, spammers and phishers quickly realized how to beat this technology and like blacklisting and whitelisting, Bayesian filtering quickly found itself one step behind the bad guys.
4. Reliance on challenge/response technologies
Spammers send tens of thousands of emails at a time so if an email is not successfully delivered, they tend to ignore protocols that resend the undelivered message. Legitimate email servers don’t ignore these protocols. Instead they resend the message. To tell if a sending server is legitimate, some email security software will hold back messages to see if the sender retries the delivery. If the message is resent, the email is further scrutinized. If a second attempt never arrives, then the recipient server flags the email as suspicious.
Other challenge/response technologies include holding a message in a queue. The sender is emailed a verification message. When that sender verifies that their address, and the message they sent is legitimate, the message is delivered to the intended recipient.
5. Reliance on the end-user
The most reliable email security software vendors understand that while technology is great at filtering out a great deal of threats, the end-user needs to be part of the equation to stop anything that makes its way through. By allowing email users to create their own lists of trusted senders and giving them the ability to flag suspicious emails is the one trend that you can expect to have the greatest impact on email security in the year 2016.
Contact Sendio to see how out Opt Inbox and Email Security Gateway products can help protect your business against the emerging email threat landscape.