Security Market Segment LS
Wednesday, 16 September 2015 15:13

Email attacks that evade authentication

By

Data solutions provider Return Path has unveiled email threat Intelligence capability to identify malicious emails including phishing and spoofing trends.

Return Path has announced the launch of its Email Threat Intelligence capability report which analyses current email fraud tactics. Return Path's solution applies message-level data analysis toward the detection of email fraud that cannot be identified by authentication-based technology. Recent analysis shows that brand spoofing, a tactic employed to evade authentication-based email filters, is widely used in phishing attacks against brands and consumers.

Brand spoofing refers to falsifying the display name, email account, or even subject—so a fraudulent message looks like it has come from a trusted brand.

Domain spoofing refers to messages that falsify the sending domain to match one under the brand’s control. Brands can deploy authentication-based solutions like DMARC (Domain-based Message Authentication, Reporting and Compliance) to protect consumers from domain spoofing. Return Path estimates that only 30% of email attacks against brands use this tactic. Return Path Email Threat Intelligence was developed to detect the remaining 70% of threats not addressable by DMARC.

Powered by the Return Path Data Cloud, Email Threat Intelligence leverages the company's network of more than 70 major mailbox and security providers to analyse over 6 billion email messages per day. Applying proprietary threat detection algorithms, the solution identifies attacks in real time enabling brands to take immediate action to protect consumers from malicious messages.

Using Email Threat Intelligence to investigate prevalent tactics used by cybercriminals, Return Path found more than 750,000 malicious messages spoofing 40 top-tier global consumer brands over the course of July and August 2015. Most of these messages employed brand spoofing to avoid detection by existing email authentication protocols.

In addition to brand spoofing, Return Path analysed the use of snowshoe spamming—a tactic to complicate detection by sending batches of fraudulent messages from multiple IP addresses—and found that large-scale attacks followed no recognisable patterns to help identify them. Of the 100 largest attacks detected, 22 were highly distributed across networks of sending IPs—so-called botnets. Meanwhile 27 were not distributed at all, generally coming from single sources, indicating that reputation-based filtering and blacklists are effective countermeasures in the fight against email fraud.

“Brand spoofing is the most prevalent email fraud tactic in use today because it is difficult to detect. While authentication-based solutions like DMARC represent the best available protection against direct domain spoofing, companies have had no way to identify and address email threats appearing to come from domains outside of their control. Now they do,” said Robert Holmes, general manager, Email Fraud Protection at Return Path. “These solutions are complementary. Brands that use DMARC and Email Threat Intelligence together can act quickly to eliminate the impact of email fraud. Defending consumers against phishing attacks, malware, and scams is essential to maintaining brand trust and loyalty. Return Path’s Email Threat Intelligence enables brands to address a huge gap in their email fraud protection.”

Methodology

Using its email threat intelligence solution powered by the Return Path Data Cloud, the company analysed more than 240 billion email messages associated with 40 global brands in industries historically prone to email fraud. The messages were received during a 40-day period in July and August 2015. Return Path’s threat detection and classification algorithms identified 769,792 malicious messages targeting the included brands, 503,975 of which (63%) spoofed at least one element of the email header.


Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.

CLICK HERE!

WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments