How the Right Secure Email Gateway Prevents Social Engineering Threats

By January 26, 2016 June 14th, 2017 Blog

In today’s age of high-tech viruses and sophisticated malware, good old-fashioned social engineering attacks are still some of the most dangerous threats out there.

Consider the case of Ubiquiti Networks, a provider of enterprise-class networking technology. Earlier this year, the company fell victim to an email-based social engineering attack, which resulted in a loss of nearly $40 million. Officials reported that through a “CEO scam,” fraudsters impersonated the email address of a member of upper-level management, contacted the company’s finance department and asked them to transfer enormous sums of money into an outside bank account.

This painful $40 million mistake is proof that social engineering attacks work—even when carried out against a savvy member of the technology industry. That’s why a highly effective, layered email security platform is so important to guard against threats like phishing, spear-phishing and other types of spam. With the right security techniques in place, an enterprise can consider email-based social engineering attacks a non-issue.

Here, we explore the ways in which the right secure email gateway can help prevent social engineering threats:

1. Anti-spoofing technology

Any secure email gateway used throughout your organization should employ leading anti-spoofing technology. This will help ensure that all incoming emails have been sent by the person who claimed to send them (e.g., one of your company’s vendors, or its financial institution) and not a spammer posing as a legitimate sender.

Today’s best practices dictate that your secure email gateway should use DKIM signature checking and Sender Policy Framework (SPF) for processing messages. Both DKIM and SPF validate messages sent from a given domain were actually sent from a host that is authorized by the domain’s administrators. When used in conjunction, these two techniques are a powerful way to ensure that schemes such as identity theft, phishing and other spoofing-type emails do not make their way into your end users’ inboxes.

2. IP address reputation tracking

In addition to DKIM and SPF validation, your company would also benefit from an email gateway that tracks the reputation of IP addresses. In this type of system, the information repository will keep track of bad email senders in real time, using email pattern detection technology to discover even the newest malicious IP addresses. This technique provides protection against spam in general, and can be particularly useful in detecting phishing and spear-phishing schemes because it tracks IP addresses, even if a given email address looks legitimate.

3. Sender verification

Spammers send out an incredible number of messages every day, in the hopes that at least some users will fall for their latest spoofing or phishing scheme. A new technique for sidestepping most malicious email senders involves verifying each unique sender: When an email arrives from a new sender, the email gateway defers their message into an SMTP transaction. Legitimate senders will usually re-try their message a few minutes later, while spammers will avoid this “handshake” step.

This verification step adds another layer of security to your email network by incorporating SMTP email standards and conventions, which are an effective tool against most email-based social engineering attacks.

As social engineering threats continue to grow around the world, it is vital to protect your organization with a secure email gateway that includes layers of intelligent protection. Your company’s reputation and future success could depend on it.

The Sendio® Opt-Inbox solution helps to minimize the threat of social engineering attacks by verifying that all incoming email is from legitimate senders. Request a demo to discover how effective it can be in keeping your own organization safe from social engineering threats.