10 Things You Need In An Email Security Service
From detecting snowshoe spam and compromised cloud accounts to providing simulated phishing attacks, sentiment analysis and oversight of east-west traffic, here are 10 things companies should look for in an email security service.
Flagging Sentiments That Don’t Look Right
Crowdsourcing tools have struggled to pick up spear phishing, but the APIs in Office 365 have now made it possible to examine the sentiments in messages in a manner that goes beyond simply classifying them as bad or good, according to McAfee Chief Information Officer Scott Howitt. There’s an opportunity for emerging technology from companies like Abnormal Security to come in and disrupt this space, he said.
The process begins by creating a VIP list of the people in an organization most likely to be targeted with impersonation emails such as the CEO, CFO, CIO, CISO or board members, Howitt said. The API-based approach then looks at the metadata and can identify if an email is coming from an irregular place or asking for something unusual given the executive’s role in the organization, according to Howitt.
This API-based approach is particularly useful when adversaries create a unique email address for a single spear phishing attack, meaning the address in question isn’t going to appear on a blacklist since it’s never been used before, Howitt said. The software doesn’t just sit and watch emails come through, but actually examines the heart of the content and metadata to figure out what looks abnormal, he said.